urlscan.io logo urlscan.io
SecurityTrails logo

www.idrlabs.com Open in urlscan Pro
2606:4700:3032::ac43:c5a2  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Submission: On August 16 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 13 countries across 107 domains to perform 1358 HTTP transactions. The main IP is 2606:4700:3032::ac43:c5a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.idrlabs.com. The Cisco Umbrella rank of the primary domain is 398537.
TLS certificate: Issued by E1 on July 7th 2023. Valid for: 3 months.
This is the only time www.idrlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a01:7e00:1::... 63949 (AKAMAI-LI...)
266 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
7 35.186.236.140 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.155.129.80 16509 (AMAZON-02)
84 2a00:1450:400... 15169 (GOOGLE)
1 108.139.243.44 ()
1 52.222.149.74 16509 (AMAZON-02)
1 65.9.95.9 16509 (AMAZON-02)
6 52.222.253.136 16509 (AMAZON-02)
2 18.66.110.17 16509 (AMAZON-02)
3 65.9.95.111 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 65.9.95.19 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.25.112 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 35.190.39.111 15169 (GOOGLE)
2 34.241.158.58 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
1 178.250.1.11 44788 (ASN-CRITE...)
1 65.9.95.48 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
72 2a00:1450:400... 15169 (GOOGLE)
3 35.244.159.8 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
17 161.47.17.28 19994 (RACKSPACE)
41 2a00:1450:400... 15169 (GOOGLE)
5 2.18.96.187 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
25 216.52.2.16 32475 (SINGLEHOP...)
1 16.16.86.227 16509 (AMAZON-02)
38 53 172.217.16.194 15169 (GOOGLE)
2 39 104.18.24.185 13335 (CLOUDFLAR...)
5 6 185.89.211.84 29990 (ASN-APPNEX)
79 2a00:1450:400... 15169 (GOOGLE)
1 5 2620:116:800d... 16509 (AMAZON-02)
36 65.9.95.22 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
5 8 3.65.183.29 16509 (AMAZON-02)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
7 8 37.157.6.233 198622 (ADFORM)
5 3.75.62.37 16509 (AMAZON-02)
1 6 23.35.237.56 16625 (AKAMAI-AS)
2 213.202.235.9 24961 (MYLOC-AS ...)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 35.158.144.31 16509 (AMAZON-02)
28 142.250.74.194 15169 (GOOGLE)
2 2600:9000:219... 16509 (AMAZON-02)
2 130.211.44.5 15169 (GOOGLE)
49 46.228.174.115 56396 (AMOBEE)
26 18.200.193.67 16509 (AMAZON-02)
24 69.166.1.9 27630 (AS-XFERNET)
24 2602:803:c003... 26667 (RUBICONPR...)
25 185.64.189.112 62713 (AS-PUBMATIC)
26 145.40.97.66 54825 (PACKET)
3 2606:2800:133... 15133 (EDGECAST)
1 216.52.2.6 32475 (SINGLEHOP...)
12 2602:803:c003... 26667 (RUBICONPR...)
1 2.18.98.78 16625 (AKAMAI-AS)
1 37.157.3.26 198622 (ADFORM)
3 13 69.173.144.139 26667 (RUBICONPR...)
9 9 69.173.144.165 26667 (RUBICONPR...)
4 34.98.64.218 396982 (GOOGLE-CL...)
7 3.220.245.178 14618 (AMAZON-AES)
9 18 52.51.98.172 16509 (AMAZON-02)
28 88.221.169.246 16625 (AKAMAI-AS)
24 198.47.127.205 3257 (GTT-BACKB...)
2 8 185.64.190.78 62713 (AS-PUBMATIC)
4 104.18.11.47 13335 (CLOUDFLAR...)
4 4 193.0.160.131 54312 (ROCKETFUEL)
4 69.166.1.66 27630 (AS-XFERNET)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
5 15.197.193.217 16509 (AMAZON-02)
4 7 208.93.169.131 46244 (WEBMD-IDC...)
1 3 52.209.112.33 16509 (AMAZON-02)
2 3 13.248.245.213 16509 (AMAZON-02)
18 2600:9000:245... 16509 (AMAZON-02)
12 144.76.91.199 24940 (HETZNER-AS)
1 3 72.246.169.24 16625 (AKAMAI-AS)
3 5 52.46.151.131 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
5 7 52.48.108.9 16509 (AMAZON-02)
3 3 2001:678:cb4:... 56396 (AMOBEE)
2 3 151.101.2.49 54113 (FASTLY)
1 23.213.161.138 20940 (AKAMAI-ASN1)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 67.220.224.144 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
43 2600:1f13:800... 16509 (AMAZON-02)
2 2 178.250.7.11 44788 (ASN-CRITE...)
1 2 52.51.140.18 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.7.131.84 14618 (AMAZON-AES)
1 5 138.201.63.145 24940 (HETZNER-AS)
4 138.201.84.245 24940 (HETZNER-AS)
1 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 1 94.23.99.218 16276 (OVH)
4 104.64.118.247 16625 (AKAMAI-AS)
2 2 54.167.179.9 14618 (AMAZON-AES)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 35.214.212.177 15169 (GOOGLE)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 141.94.171.215 16276 (OVH)
3 3 18.198.126.47 16509 (AMAZON-02)
1 1 141.95.32.72 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 188.166.17.21 14061 (DIGITALOC...)
4 185.64.190.81 62713 (AS-PUBMATIC)
1 3.124.126.0 16509 (AMAZON-02)
7 142.250.184.226 15169 (GOOGLE)
1 3 185.86.139.94 201081 (SMARTADSE...)
1 72.251.241.204 32475 (SINGLEHOP...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.186.154.107 15169 (GOOGLE)
1 1 141.94.161.190 16276 (OVH)
2 2 141.94.171.216 16276 (OVH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 98.98.134.243 21859 (ZEN-ECN)
1 108.128.74.29 16509 (AMAZON-02)
1 2 54.247.148.218 16509 (AMAZON-02)
2 2 54.77.49.106 16509 (AMAZON-02)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 23.88.86.2 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
3 94.130.102.164 24940 (HETZNER-AS)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 49.12.16.151 24940 (HETZNER-AS)
1 1 35.186.231.97 15169 (GOOGLE)
1 13.224.189.31 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 54.156.84.254 14618 (AMAZON-AES)
1358 128
15    2606:4700:3032::ac43:c5a2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.idrlabs.com
cdn.idrlabs.com
6    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
monu.delivery
266    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3031::6815:d20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.idrlabs.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
45    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
2    2606:4700::6812:4a5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    18.155.129.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-80.cdg52.r.cloudfront.net
launchpad-wrapper.privacymanager.io
84    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    108.139.243.44 (United States)

ASN- ()
PTR: server-108-139-243-44.mxp63.r.cloudfront.net
config.aps.amazon-adsystem.com
1    52.222.149.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-74.cdg52.r.cloudfront.net
client.aps.amazon-adsystem.com
1    65.9.95.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-9.prg50.r.cloudfront.net
launchpad.privacymanager.io
6    52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net
c.amazon-adsystem.com
3    65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net
geo.privacymanager.io
3    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.95.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-19.prg50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2127:1000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.25.112 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
7    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.241.158.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    65.9.95.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-48.prg50.r.cloudfront.net
ats-wrapper.privacymanager.io
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
72    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
15    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
17    161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)
saambaa.com
api.saambaa.com
41    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
25    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    16.16.86.227 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-16-86-227.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
53    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
39    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
6    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
79    2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
36    65.9.95.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-22.prg50.r.cloudfront.net
tagan.adlightning.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
ipac.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
8    3.65.183.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-183-29.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
2    213.202.235.9 (Grenzach-Wyhlen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    2a02:26f0:1700:6::17d5:a191 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    35.158.144.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-144-31.eu-central-1.compute.amazonaws.com
vfd2dyn.vodafone.de
28    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2600:9000:219c:e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
49    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
26    18.200.193.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
24    69.166.1.9 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
24    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
25    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
26    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
saambaa-static.azureedge.net
1    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
12    2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    2.18.98.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-98-78.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
13    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
7    3.220.245.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-245-178.compute-1.amazonaws.com
1x1.a-mo.net
18    52.51.98.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
28    88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
24    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
simage2.pubmatic.com
8    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
3    52.209.112.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-112-33.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
18    2600:9000:2450:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
12    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal9000.redintelligence.net
3    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
tags.bluekai.com
x.dlx.addthis.com
5    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
7    52.48.108.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-108-9.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    23.213.161.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-138.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
12    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
43    2600:1f13:800:7780:a4b4:a840:33fb:2084 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    52.51.140.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-140-18.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.7.131.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-131-84.compute-1.amazonaws.com
a.audrte.com
5    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
4    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal900025.redintelligence.net
2    145.239.193.130 (Valence, France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
4    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
2    54.167.179.9 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-179-9.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.214.212.177 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 177.212.214.35.bc.googleusercontent.com
csync.loopme.me
3    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
3    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
loadm.exelator.com
1    141.95.32.72 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl
ws.rqtrk.eu
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    3.124.126.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-126-0.eu-central-1.compute.amazonaws.com
t23.intelliad.de
7    142.250.184.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
ade.googlesyndication.com
3    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.186.154.107 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    141.94.161.190 (France)

ASN16276 (OVH, FR)
PTR: bixel-2.cloudy.ovh
green.erne.co
2    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel-eu.onaudience.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    108.128.74.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-74-29.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    54.247.148.218 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-148-218.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    54.77.49.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-49-106.eu-west-1.compute.amazonaws.com
match.360yield.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
2    2a01:4f8:d0a:2321::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de
futalis.de
1    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
impfr.tradedoubler.com
1    13.224.189.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-31.fra2.r.cloudfront.net
img.tradedoubler.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    54.156.84.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-84-254.compute-1.amazonaws.com
sync.ipredictive.com
Apex Domain
Subdomains		 Transfer
352 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 340
4 MB
210 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
1 MB
86 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 647
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9594
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
token.rubiconproject.com — Cisco Umbrella Rank: 748
eus.rubiconproject.com — Cisco Umbrella Rank: 737
246 KB
79 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1105
static.adsafeprotected.com — Cisco Umbrella Rank: 751
dt.adsafeprotected.com — Cisco Umbrella Rank: 683
906 KB
79 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
1 MB
66 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 651
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 672
image2.pubmatic.com — Cisco Umbrella Rank: 1137
image6.pubmatic.com — Cisco Umbrella Rank: 989
simage2.pubmatic.com — Cisco Umbrella Rank: 982
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
198 KB
50 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1038
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
4 KB
41 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
2 MB
39 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
htlb.casalemedia.com — Cisco Umbrella Rank: 741
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
22 KB
36 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2663
1 MB
33 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1121
1x1.a-mo.net — Cisco Umbrella Rank: 3462
32 KB
28 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2845
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
26 KB
26 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 808
5 KB
26 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
ce.lijit.com — Cisco Umbrella Rank: 1118
12 KB
24 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 40248
hal900010.redintelligence.net — Cisco Umbrella Rank: 307171
hal900025.redintelligence.net — Cisco Umbrella Rank: 321343
hal900012.redintelligence.net — Cisco Umbrella Rank: 295156
137 KB
19 amazon-adsystem.com
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 15133
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 15240
aax.amazon-adsystem.com — Cisco Umbrella Rank: 435
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
65 KB
17 saambaa.com
saambaa.com — Cisco Umbrella Rank: 21121
api.saambaa.com — Cisco Umbrella Rank: 23622
332 KB
16 idrlabs.com
www.idrlabs.com — Cisco Umbrella Rank: 398537
cdn.idrlabs.com — Cisco Umbrella Rank: 483995
186 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 3
7 KB
12 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1244
1 KB
11 monu.delivery
monu.delivery — Cisco Umbrella Rank: 31113
imps.monu.delivery — Cisco Umbrella Rank: 37609
190 KB
9 adform.net
c1.adform.net — Cisco Umbrella Rank: 720
cm.adform.net — Cisco Umbrella Rank: 1329
dmp.adform.net — Cisco Umbrella Rank: 3746
5 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
3 KB
9 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1546
google-bidout-d.openx.net — Cisco Umbrella Rank: 1553
us-u.openx.net — Cisco Umbrella Rank: 605
1 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
2 KB
8 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102
www.google-analytics.com — Cisco Umbrella Rank: 62
22 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 727
4 KB
7 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
4 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1550
1 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
4 KB
6 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3855
launchpad.privacymanager.io — Cisco Umbrella Rank: 3364
geo.privacymanager.io — Cisco Umbrella Rank: 2287
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3024
71 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
1 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1412
pixel.quantserve.com — Cisco Umbrella Rank: 1151
cms.quantserve.com — Cisco Umbrella Rank: 1015
20 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 2338
dis.criteo.com — Cisco Umbrella Rank: 745
8 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
13 KB
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1611
creativecdn.com — Cisco Umbrella Rank: 674
3 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 802
match.360yield.com — Cisco Umbrella Rank: 2456
2 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3601
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18442
2 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 17983
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3076
3 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
3 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 849
cdn.indexww.com — Cisco Umbrella Rank: 1942
3 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 599
tps.doubleverify.com — Cisco Umbrella Rank: 609
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 10563
107 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
2 KB
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
928 B
3 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 29169
loadm.exelator.com — Cisco Umbrella Rank: 2006
3 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3473
spl.zeotap.com — Cisco Umbrella Rank: 3551
1 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 44946
medialead.de — Cisco Umbrella Rank: 44711
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24211
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26823
921 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
925 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
887 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 240
3 KB
3 azureedge.net
saambaa-static.azureedge.net — Cisco Umbrella Rank: 24893
67 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
9 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
1 KB
2 tradedoubler.com
impfr.tradedoubler.com — Cisco Umbrella Rank: 108080
img.tradedoubler.com — Cisco Umbrella Rank: 87037
1 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 145371
6 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1025
s.tribalfusion.com — Cisco Umbrella Rank: 2306
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5227
562 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
2 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 776
963 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1302
1 KB
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 12286
1 KB
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 48308
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
920 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1013
id5-sync.com — Cisco Umbrella Rank: 440
26 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1668
156 KB
2 gstatic.com
fonts.gstatic.com
97 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1183
493 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 225438
401 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4957
463 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8584
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3654
308 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 757
337 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1884
182 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 948
187 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 29168
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3672
638 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7279
276 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
556 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1649
283 B
1 intelliad.de
t23.intelliad.de — Cisco Umbrella Rank: 141155
556 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3020
555 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
104 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3841
352 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
226 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856
524 B
1 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 44216
606 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
648 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
651 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1969
424 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1173
178 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4589
400 B
1 vodafone.de
vfd2dyn.vodafone.de — Cisco Umbrella Rank: 102080
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2445
173 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1697
244 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
402 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3468
514 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1341
9 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1691
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1835
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
13 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
85 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
1358 107
Domain Requested by
266 pagead2.googlesyndication.com www.idrlabs.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
tagan.adlightning.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
84 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
www.idrlabs.com
saambaa.com
www.googletagservices.com
tagan.adlightning.com
79 s0.2mdn.net www.idrlabs.com
s0.2mdn.net
tagan.adlightning.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
72 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
www.idrlabs.com
s0.2mdn.net
tagan.adlightning.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
53 cm.g.doubleclick.net 38 redirects googleads.g.doubleclick.net
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
eus.rubiconproject.com
49 targeting.unrulymedia.com saambaa.com
45 googleads.g.doubleclick.net pagead2.googlesyndication.com
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
www.idrlabs.com
tagan.adlightning.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
43 dt.adsafeprotected.com
41 www.googletagservices.com www.idrlabs.com
saambaa.com
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
tagan.adlightning.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
36 tagan.adlightning.com saambaa.com
tagan.adlightning.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
28 eus.rubiconproject.com www.idrlabs.com
saambaa.com
eus.rubiconproject.com
28 googleads4.g.doubleclick.net www.idrlabs.com
tagan.adlightning.com
26 prebid.a-mo.net saambaa.com
26 ads.yieldmo.com saambaa.com
25 hbopenbid.pubmatic.com saambaa.com
25 ap.lijit.com saambaa.com
24 htlb.casalemedia.com saambaa.com
24 fastlane.rubiconproject.com saambaa.com
24 apex.go.sonobi.com saambaa.com
18 static.adsafeprotected.com www.idrlabs.com
tagan.adlightning.com
18 fw.adsafeprotected.com 9 redirects tagan.adlightning.com
15 www.google.com tpc.googlesyndication.com
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
tagan.adlightning.com
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
13 simage2.pubmatic.com ads.pubmatic.com
13 pixel.rubiconproject.com 3 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
13 saambaa.com www.idrlabs.com
saambaa.com
12 partner.googleadservices.com tagan.adlightning.com
12 hal9000.redintelligence.net tagan.adlightning.com
hal900010.redintelligence.net
hal900025.redintelligence.net
hal900012.redintelligence.net
12 beacon-ams3.rubiconproject.com tagan.adlightning.com
12 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 cdn.idrlabs.com www.idrlabs.com
cdn.idrlabs.com
11 image2.pubmatic.com googleads.g.doubleclick.net
ads.pubmatic.com
9 token.rubiconproject.com 9 redirects
8 image6.pubmatic.com 2 redirects googleads.g.doubleclick.net
ads.pubmatic.com
8 x.bidswitch.net 5 redirects 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
7 ade.googlesyndication.com
7 match.prod.bidr.io 5 redirects ssum-sec.casalemedia.com
7 bh.contextweb.com 4 redirects googleads.g.doubleclick.net
7 1x1.a-mo.net
7 c1.adform.net 6 redirects ads.pubmatic.com
7 imps.monu.delivery www.idrlabs.com
6 us-u.openx.net googleads.g.doubleclick.net
6 sync.teads.tv 1 redirects 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 www.google-analytics.com saambaa.com
www.idrlabs.com
cdn.jsdelivr.net
6 aax.amazon-adsystem.com client.aps.amazon-adsystem.com
6 fonts.googleapis.com www.idrlabs.com
saambaa.com
hal900010.redintelligence.net
hal900025.redintelligence.net
hal900012.redintelligence.net
5 hal900010.redintelligence.net 1 redirects www.idrlabs.com
tagan.adlightning.com
hal900010.redintelligence.net
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
5 match.adsrvr.org saambaa.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
5 ups.analytics.yahoo.com 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
ads.pubmatic.com
5 ads.pubmatic.com saambaa.com
ads.pubmatic.com
4 simage4.pubmatic.com ads.pubmatic.com
4 www.awin1.com www.idrlabs.com
4 hal900025.redintelligence.net tagan.adlightning.com
hal900025.redintelligence.net
4 a.audrte.com 3 redirects ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 creativecdn.com 4 redirects
4 sync.go.sonobi.com
4 p.rfihub.com 4 redirects
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 api.saambaa.com saambaa.com
4 monu.delivery www.idrlabs.com
monu.delivery
4 www.idrlabs.com www.idrlabs.com
3 hal900012.redintelligence.net tagan.adlightning.com
hal900012.redintelligence.net
3 sync.1rx.io 3 redirects
3 rtb-csync.smartadserver.com 1 redirects googleads.g.doubleclick.net
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 ad.turn.com 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 eb2.3lift.com 2 redirects googleads.g.doubleclick.net
3 dpm.demdex.net 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
3 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
3 saambaa-static.azureedge.net www.idrlabs.com
3 cdn.jsdelivr.net securepubads.g.doubleclick.net
saambaa.com
3 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
2 pixel.tapad.com 1 redirects
2 cdn.retailads.net 1 redirects futalis.de
2 match.360yield.com 2 redirects
2 ad.360yield.com 1 redirects googleads.g.doubleclick.net
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 sync.srv.stackadapt.com 2 redirects
2 pv.medialead.de 1 redirects www.idrlabs.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 dis.criteo.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 secure.adnxs.com 2 redirects
2 tags.bluekai.com 1 redirects googleads.g.doubleclick.net
2 js-sec.indexww.com saambaa.com
2 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 pixel.quantserve.com www.idrlabs.com
2 rules.quantcount.com secure.quantserve.com
2 cdn.doubleverify.com www.idrlabs.com
2 m.exactag.com www.idrlabs.com
2 secure.quantserve.com www.idrlabs.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
googleads.g.doubleclick.net
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 c.amazon-adsystem.com client.aps.amazon-adsystem.com
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 region1.google-analytics.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
1 sync.ipredictive.com 1 redirects
1 loadm.exelator.com 1 redirects
1 img.tradedoubler.com www.idrlabs.com
1 impfr.tradedoubler.com 1 redirects
1 futalis.de tagan.adlightning.com
1 ads.playground.xyz 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 beacon.krxd.net googleads.g.doubleclick.net
1 x.dlx.addthis.com googleads.g.doubleclick.net
1 pixel-sync.sitescout.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 t23.intelliad.de www.idrlabs.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com
1 ws.rqtrk.eu 1 redirects
1 spl.zeotap.com 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 medialead.de 1 redirects
1 pb.media01.eu tagan.adlightning.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 sync.taboola.com 1 redirects
1 tpsc-ew1.doubleverify.com cdn.doubleverify.com
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 ce.lijit.com tagan.adlightning.com
1 tps.doubleverify.com www.idrlabs.com
1 vfd2dyn.vodafone.de www.idrlabs.com
1 tr.blismedia.com 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 protected-by.clarium.io 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 id5-sync.com cdn.id5-sync.com
1 ats-wrapper.privacymanager.io launchpad.privacymanager.io
1 mug.criteo.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 cdn.id5-sync.com www.idrlabs.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 client.aps.amazon-adsystem.com monu.delivery
1 config.aps.amazon-adsystem.com monu.delivery
1 launchpad-wrapper.privacymanager.io monu.delivery
1 www.googletagmanager.com www.idrlabs.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
1358 173

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
Subject Issuer Validity Valid
idrlabs.com
E1		 2023-07-07 -
2023-10-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-07-23 -
2023-10-21		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-19 -
2024-02-17		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.saambaa.com
Go Daddy Secure Certificate Authority - G2		 2023-04-03 -
2024-05-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
dyn.vodafone.de
DigiCert SHA2 Secure Server CA		 2023-03-07 -
2024-03-06		 a year crt.sh
quantserve.com
R3		 2023-08-12 -
2023-11-10		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.media01.eu
RapidSSL TLS RSA CA G1		 2023-05-16 -
2024-05-15		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.intelliad.de
Thawte TLS RSA CA G1		 2023-07-31 -
2024-08-30		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.futalis.de
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh

This page contains 177 frames:

Primary Page: https://www.idrlabs.com/depersonalization-derealization/test.php
Frame ID: 1B885DD79F4789ABCC9A4C90B2D3A845
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Frame ID: 790821A753BA4C4DF0E9C8329EE67F2B
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 076969FBB68B8584F518D3B98D4AD090
Requests: 1 HTTP requests in this frame

Frame: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F45B098EAC07196AE0702B229DB88DB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.idrlabs.com
Frame ID: A4E950A49D4620430A44F5F1FB13239D
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F358F6AE372D1102BF5DE2E2757C8017
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2738743CDE1F1974E74D495749478E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 910F630B7DEB00FABFECC77419ED787A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss7ikF6L_-wEG8OPkQrBwqwMEVu_foItl_n4B-bjaHSU89h0-r76AYb1tsDqblT57efs0SKdLICn-kTQ5RqJfWF_7NIxD2GpL_znhLW9QA8kHlSFVNrZsJo_rGbQlZoHQD6Au2_AfYhiEadpGCzADdWe3QCawiesXZ3O4mWJuSbG9qVnTwS6ley-KttcCqd8gRr4Y6DULYqr0yYty3odQsaxfFTO2en9tQ-YuGUAf0n-fLk1g5cfJHU_ikxzudUHPDtFzegP3gxomX-Z9N6fenGd74UOuME8gnuNPisr1bVrhlNNssEdv63-_EaXYSnSmqTroRq4k24wFxJZvHdwPtlPP0apXPqnJB-reg6g&sai=AMfl-YQZoHXGDZf3SSv53a31TWYTOxQ8hISkj1Q45xGRv2_Enx-lwJjSnM66cBpPlbSQA_2vvvLAgXZuDNsrI47lG4JrchslqAe-m4tP2-DmXCJvlmrfK4er05g9FQxcJAp-UZ1-_jk-Tb_cnSNJmgg&sig=Cg0ArKJSzFClYTa1XQonEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E114CE878E7C7B9127BCAE528A0678C7
Requests: 171 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuy0DcvcRZKQ7iS_Rv7GY2hbAAA4Ky4IbEusUUSdHUyMN8UJnc-I4W1k7P5uCg3XIgGEpMpnpj33oGPUS0RtVcca57gpfYMf_ddv2tYK83PuF393FUkfWEXvne27h1iR4QyB9Vn3K3MA-9O9K3-ANvPUYfZmra-PmEviop-1QfuU_GqQBW42uqshop-ztHAQx7RiK33synJhx1ECoS_QZp0k9iVQJAE_WKZrf2m8Pd9LJzgkD8zyi76w7WCh6IxUxX0oZU8o4sUnzar9fXWGPEV4PyS-BzPEiMfpL7c06TCLaIouHh2cyECwCt15irkqTXuE4dvkT52lpPVWEHA05G0L4NKJ2B2hSzld9mkQ&sai=AMfl-YTK746u0pdiHTn6cRN8FFLFsFUFj1mhwVjfQyuBXnvsHs1cCkK5ZpBX9Ku6Q9HNUrIHEdmibgxGTPzJyvkkXgbrMYW0TYEdcaA6FcI2x2But8nGldd3-vfuZFG_nH5cY6kS52h3uGxN6oUEW5DV&sig=Cg0ArKJSzGQ3nU_OhjXUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C34C368311C55304B959A1C7D6168D84
Requests: 140 HTTP requests in this frame

Frame: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B3485A13A4CA4D3DD57676BFBD517BF
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIYwZ7E6AEwAQ&v=APEucNV3O_lXxqq8XG0KEzQiIYiRn9fGzJ-unrERbrz-sPqNCXRqJYGn15Hx5LLoJRTK4tbFj2r1i_KmaZ7mIPSP_ZLz62Bh9gis_7AHjaBoO6IxwEM_lb8f_vJvjvTDTz3TM918vWmA34LHHr-Vx1TZeeJluDWYZy_K8k8wZeob5Zfzzib7vDz2bm-Re381MTXvnvkbQrao
Frame ID: 008B1A09C581FBDDC31FAED0A4E99538
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1085D800505699F8B70D147B2517A80A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5D5589E8473D4951C2FD922293E68E26
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
Frame ID: DD9A24C53E9E95B06E896B3EB50A0EEC
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4496.js
Frame ID: 4824E273F337FD5900AB0F3C4302C88B
Requests: 3 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Frame ID: E625E2F571628125038906E56F122AF3
Requests: 1 HTTP requests in this frame

Frame: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CAB587EE37CE185B8094C0EBC593CA62
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Frame ID: 431DFA1BFCA6B6C63C21B2A62B012125
Requests: 1 HTTP requests in this frame

Frame: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A4C47B8A15E0D4E850B9F2615C288793
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: A07DEBC653C062DB2F88EE1EA8C319EF
Requests: 26 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 727FC1E676D98EA1A13E7DFA01C1B883
Requests: 11 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 1642CBBEA2D8E6F2C11704854D29DDE1
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD2B436852FE5F7D10E75EB4DF1707C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B05D83BEE8CFFFB712B039977BC74F6D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNViQdrEahgPHcUVDlsjEYkTePxLr67rmzfRtSdHadZ6UGN9Jyj7XmHbJdIFH5nJq7QGAapDkRRmnUh6e5M1fIt8gH7Oy8Tpnl9xqB2KUwDT7xn2ngn-DLNn1G-Sg-OLzGZnIeNxuJLmieUW0arRpioznpVrZ5EUNG1e02Hn_YnuIXcea1M
Frame ID: 309B665610272FA3D0B0005DFA6B0AA3
Requests: 3 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 9576D69947809F9F6EC5565C7577632E
Requests: 25 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 10F278A1A2335EE270844DF5152BAB67
Requests: 25 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 48B5F17BDBF38F3C6D151734BE3A1C05
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXf90ksbvNDceRIblOixmZdcngbGmG2V7KdZXpjFIyU05LSJrN2IaEFYDnEPO9aM620cXwizAE9LctkKAcR3odog6caU8blbqIRLXf19qJv1Mee8HLQhUpPHGvgwIEgJvizRI-Ua0Toi95A4AwurFyHBPauqerrhlfwmoGPrdY4udx69uE
Frame ID: CFC8CE274DB1DC8893E9C496FB418CA7
Requests: 5 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: AE12C68026D43FC06EF938AD4A5A3619
Requests: 22 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 705F702810BCAE24947D567E7BDA5E86
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXKXhnmqCk52q9xel-EC9FJSwNF8PE9Y3Usqe8EKUh5pSYtG_1D7_6ZT9hKlkuPlAFSlvnlAqty1V7GJO29w-xFDguI8cNeJQitRMJIs3gYAadrUjmjJXGKcp5oIKWuJKtku7XJUidUrt4gIhx7zSzVW6oqlNb6dj8xZUY89NP8t91xgZE
Frame ID: 0E659BEB7CA893B2A5D9758B02D17124
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNWdkM5_eFpCorv-GhZ7EPgKQFd0eAD6Zy8p7n4AJnYi1erzffoIg8z6WnFOAPCvv-EDS5avs2MaWtDUAE_4uGk5dJtYZk1sfe7UYklBJXMx7D_swPOE3dt9KXQF0jdanGwPtPNnH7KDd1SJ9gtUzQ4v7lm1A1nYtsdCzIrk4kw70JjtdKs
Frame ID: FB2D9974B63E7478D870691F05B94D59
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55CF1748C3AC4AA6EBBB56F759C653CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91731D12FD6EF49700AA812C56D6622A
Requests: 2 HTTP requests in this frame

Frame: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 11218D816846098AE6F572D18CDB23ED
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 498EF01ACD1D8BE2D478832624D6F563
Requests: 25 HTTP requests in this frame

Frame: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1552D45E55AE7493F1139329AE7FDF53
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXl5SAjhae7XDOCRJElBrNKN75R1-kXFmqwZfqq_QaJ5Dt4oGs7IScmNBTy8LYLFJZXzD-5IXlDPRdZVNvKgoa-NvE1Rka_LZZXXnvMLj-4-uSXDTMfgE8wyuc_0T9CVM5mfJg9OHoknJqM_mgIg8EDPoBUOTrzh1DfQlA57FRt78jzIJA
Frame ID: 9889CC5A604589FE8F0A7BB1DFE75388
Requests: 5 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 9BE3645EE0A205A06EAB30D8BCB33B08
Requests: 11 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 9ABBDA12DA29E7323AE669C1FCBFFE35
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVnLzg-4PgPm5F-KFd4ho02JJkvTPddujV3QxxxFVB_Ne_p0Wjm2o11ud9oiIVR1LQl7tx9rRVKi2XX8oz61pdsdhaGwR_15OAl0nmjwkfV6s7pDfeQfyHb57gDJpWaLbyV42vHvTmwqLpkxWaBNoSmvDNBTfqeq7k7m9cEEJhLWZvaPFQ
Frame ID: 028B58C99743F0B6BAC611C3EBC81BD5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNW64PoEl1MvKcPfiYfb0iWcWKjbMc6iE-LzS5icqb_eM-YyagWE-_6nftpSVC7sqxutf4fzZ4g8CpaRj4Mqj-htNABf0De8216O4AcO1q693SuXhlwQC5EyBRxK4jJNfJpom1d8NEG7PY2hxsyySI3fWMq9dCAlKmG3Hx23vOWHFs7Qqd4
Frame ID: 650B451B87336CC2AEF7F4B1DAB91381
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 3D7145CA2BF346BDE11177D5D12F9E5A
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 23EEE79DA9A8ABEFFEBF7389A6BA77FB
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: D7F703C80A1C90793B76D1CE30368F58
Requests: 22 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 31AA42EEFC13268A14EAB3FB0E06FADC
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: F84A954929AFCB51021E8DC6A35BDE31
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3BD60A6896E22715FFDDD59284E5E9F0
Requests: 2 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 1F20DCF940178FB4AA4F8B134AEFCC91
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: B97E324E6B0D6CDCEBD4F419E1E32F1D
Requests: 17 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: BE5C49B92B6046D3EEB01B4FB003D3E9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6482EC16FF25570F9BB77821E6B33127
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: E4BF6B877F73635873B0449F65118C55
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 73C6569B01A5C86E88958E49BCCFAB07
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: E37467CA21ABBF898070C20F9E065AD6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUuHPMIOS5cH7DHVJxRKa4uZ596P5S2Q8uv8rz9eNw1JPSBZp6ZIW_vl3ccZ5Llva7gn8ZhH7KIxK7WkDdux1aHuznOOttuCRsmeseS-GkesNCBLHOX8CF9NbCW-Nml6uSeMweB0wPdDzs0ebImo_VROhk3xWGP_dSH3AKbV-uAw5I80v4
Frame ID: 7E9AFFBF61794BFB421CB14E03D0B838
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: FB3B0CBFC57F8597BE31AF4B8F1A2B6D
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 5F670B9A3ED5C68D4CD60A4BA4829608
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 5C1BFB8BACD17977066F287C85A7C740
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 57AB1BB40F5A802DCCC6957CBA9470E8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: CD7ECEFDADEF9A0D083C3929904C933E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNX56YtiBwxySGn5uHC5mr73kAS0vmLlmjf9kpxG12rbmd49t8nHyNhCLIf7npOyTDJFJ-kQmBxe0vt8sAczQRM_GlSO8PJ0xsnw_jBJLJnM7ydiCaLuESkQ6mVQoHNT6EX2slQZgUkQDS4Ozh8wYKwjMVSyBhXkVBPbULqTa80TscbPe2A
Frame ID: 85B19B1E173E8C2CE349ED034FC3DE6A
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7E3D7915CF03E50F244608A5F8BA4891
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: EB1B044B8A92A5475565D37A8A39ED0D
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 99894B6B68B116BD20AB7BE53BB5A75E
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 3AAB5CB52F81F8EAEC53D138D373B753
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 96019CF4F9398D2ACE9DEFA2FB7CFAFD
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 8A2917B71110C875236F8AF01D751A1C
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 68D81547734DB96965E6F33CAE8DE614
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198762025&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209097&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216293843&bpp=1548&bdt=1411&idt=4041&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=2&ga_vid=1630745151.1692216289&ga_sid=1692216298&ga_hid=1535669831&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=275295946&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31077148%2C44796700%2C44799579%2C44796312&oid=2&pvsid=699619379780941&tmod=418020901&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=1&uci=1.tasxx3i3tw46&fsb=1&dtd=4054
Frame ID: 16E37896F697BEBA5692DBABA8901CC2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59826C5F70D2FD081548962924663EE3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: AC8D5053EE2EF965B48A8E51F02E7DF9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGOf_i-wBMAE&v=APEucNV1reTNK4_exz9mYxLJV4WGWzMUF4VD8r5Fv-BT48VM_gdbNv6Ui3QawWNJbP1a7CujU4938oIlrbhyiR6aSitWmoKVLQ
Frame ID: 979AB6FEF8FA3C80157FB675C57BCC52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGL-_m_EBMAE&v=APEucNXCZADuiaWkGLkS845EP4PZluMkoPqv0jhlbDaz3VMsXHUj0oICRzLEzwX2g7BlmIstMWuTqMRSGhVbotc28onxCN7eEg
Frame ID: D387F8057D5D7FDB80EAC62B5323156F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 84D539BF1ACE1A62D2B1097F2A6F0788
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 088DD9B60E787A070069FA2DB3A8BD42
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F7FB55F97FE7CAD28CF473DAFA8B4BDE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 329E05E028C1DC06C302A9144A1A0EDB
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 067E2C78605EEB050148962E4D010793
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 96467B838B35D2737CB3CF2C0403E48B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 743CB832888DADAF07E460B95FDB7B71
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F5AEAF68C9F6C2EC2523F32F2D3C9D8D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&redir=true&gdpr=0&gdpr_consent=
Frame ID: 4CD2A25075772508D488252500ABD5F0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt
Frame ID: 7604C3A62EA2EA38FBE8826C5A9FBB25
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9865E4E55C6EE6C21556636A17D8D53C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: 9EBB7AC3F88CC45ED0ED9E53A7F210A5
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A54C6E0288EF1347369A887F2870C45D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: 54ED345F6FB2B1FEB59AD6E112AFD1E4
Requests: 8 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 7538EF53ECA9B55ED1E3AC4EC8E4BBD5
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9D6E1E8B28377847AB93421344CE5988
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: 77A12264B0834C5034715046A643A336
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 96BF807879F0B0A85D91EB851A00620D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BAD3152FE55DA337B8E6751D948CB936
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: 26C78D4D56492EC7446D1C42510A5419
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DA85C6460C313BD397B4962A689C5810
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791077&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209100&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216297120&bpp=2292&bdt=2634&idt=3587&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=1656849942&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=2911010587&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076877%2C31077148%2C44798323%2C44796313&oid=2&pvsid=4427788691987120&tmod=1253032831&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tsyjxqrik4se&fsb=1&dtd=3600
Frame ID: 84BE8FB7CCE177B20AB4A58F429C1B19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791694&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209100&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216297165&bpp=2273&bdt=2627&idt=3612&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=700596201&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=652956352&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077148%2C44799571%2C44798323%2C31077067%2C44796312&oid=2&pvsid=3909387001177172&tmod=175418838&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ow9bta1wgx1t&fsb=1&dtd=3635
Frame ID: 70126F7481AA253D2EC0B43EB2444970
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7066A885A7DC13DF1B7AD68AF82E033
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: FBC7D96A9CE6B31AF14E006F41E454CE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 53632D871E1A7DA38280E12EF24B9B37
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: 2EC3767A8EEFEBE40869B45C4CADCA27
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791694&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216297949&bpp=2086&bdt=2754&idt=3259&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=60446090&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=1637291388&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076876%2C31077148%2C44799568%2C44798323%2C44796312&oid=2&pvsid=992285831716002&tmod=1416856001&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qfu0p5wapqke&fsb=1&dtd=3272
Frame ID: E3C1FB55F00DAE340BDC222A047C5DD3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 143E97DEA3C72C434B7C15A688408CF2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171331078&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216298844&bpp=1377&bdt=3115&idt=2558&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=1829257103&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=616481410&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077017%2C31077148%2C44799580%2C44798323%2C44796313&oid=2&pvsid=2669857178375524&tmod=1911555855&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wdmo8w9ngfgi&fsb=1&dtd=2565
Frame ID: 5981900376ACEBFB93B4BDF82D4CB9BD
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: C04B5F8CBF1E5B84EECA1F200B59BEE4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171324895&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216299019&bpp=1412&bdt=3027&idt=2513&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216302&ga_hid=755891671&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=1021776040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076877%2C31077148%2C31077066%2C44799581%2C44798323%2C31077067%2C44796312&oid=2&pvsid=895952461367659&tmod=1221880424&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8knjql4a2vpa&fsb=1&dtd=2529
Frame ID: 57B2B1A7F8095A7A69BA70DCD9509002
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171325997&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216298846&bpp=1564&bdt=3201&idt=2715&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216302&ga_hid=1109743175&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=3607676247&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077148%2C44798934%2C44796700%2C44799570%2C44798323%2C31077111%2C44796313&oid=2&pvsid=1969310275089779&tmod=9836950&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oknrxsplaiuu&fsb=1&dtd=2729
Frame ID: AE3E1B09801830B532FA9B15DC9905F5
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=64536700147702304444640012418010&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 43B75925E54946F67B7E7D83F23DF3FC
Requests: 1 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Frame ID: 6907D0C0BD1251E7B96E2356183B3B92
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D1332AD4546C35335CD55F60888B9B19
Requests: 2 HTTP requests in this frame

Frame: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9DE2A00E5174F600F8A9F6C257EA5194
Requests: 22 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 3C26B627B9FAC248374C5A9FC0627278
Requests: 24 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Frame ID: 0B54CAC4652ECC02ED41488FE0540600
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6671895379648701912&gdpr=0&gdpr_consent=
Frame ID: 11713CAD6A2A7DD84F1B523CC9D72F54
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=a6APOUbXUbtoMBmgfhVbKbKi0Yg&gdpr=0&gdpr_consent=
Frame ID: E3E591BB450ECA935AD5745E4A5258EC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268013674851530905&gdpr=0&gdpr_consent=
Frame ID: 2809A45CE7F1150EFF96FAA6B07D592D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 8C0B8A9F3C036154C54DCA04E15A3211
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 58761173CF447A1AB367ECC8AE714AAA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525887814035
Frame ID: 8F0A8E7B27A699F3E6AD94FB63FFF786
Requests: 1 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Frame ID: 052A72D6EBBAFDBDC221BE480305857D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 084A4B1EBC0EDE06F94C7740B9F0CA6F
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7ZU7JulgAACQgJtyr1Q&gdpr=0&gdpr_consent=
Frame ID: 258963FF41300F61294F39B84024EF48
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 918E664DBE15C4530408734F57D26108
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8c459b38ab1d4f1288f9b87817b691b4&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: FD769D88F2EF089F5B50D5B192FF91B5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8984347487968648637
Frame ID: 3B2E318DE3C396B279AB40DC2FCAC20A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 27EBAA8258F3CCE4C3FA8D4008403E47
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 80BE71A1ADBB7E96037CBDE951ADD936
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=jtpdjcoedhb5
Frame ID: E8DE5EE27A3C56E972D278D3BFBB09F5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhbhTYhYWbQhRTaY&gdpr=0&gdpr_consent=
Frame ID: 66D8962779D33CB1574CAA1E7A45077D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0F7E71799789A1A1465BB687672A307B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171372449&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209102&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216299770&bpp=1354&bdt=2702&idt=2699&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216302&ga_hid=685700440&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=1233984899&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076469%2C31076877%2C31077148%2C44798323%2C44796312&oid=2&pvsid=1131171187450178&tmod=436582539&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.14dp6bm952cw&fsb=1&dtd=2712
Frame ID: DD3EC036B695E36A217C495F228FF497
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171369432&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209102&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216299752&bpp=1608&bdt=2751&idt=2838&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216303&ga_hid=611266150&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=3950297984&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076877%2C31077085%2C31077148%2C44799568%2C44798323%2C44796312&oid=2&pvsid=2736541321062988&tmod=195289885&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oicf93c9xiam&fsb=1&dtd=2845
Frame ID: 37C12EA3CAA9B9D872AEA144FFC9FBA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGNzY8O8BMAE&v=APEucNVXcimQCkrcVzD4KAA1JsZAlOpRT7EHpN7cSQ3gSbpRdB9D8qVQ5871WDcrAe3yYPMZOmfSKRafdw7GDQXAMqP01cU99NmakTJuOlyfAFkSMGxPYIupxugvwqOy9Zv1akyFobXOVbE0vU1H4xl_AaIvFH1AvjX8GrT7bYcsx_N7T34Fq5g
Frame ID: 495407742212E389DE372696AA035263
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 937B78FED5A5CBBA3CB9E7AF79A0792F
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: 92B54CDAEC2B64386D43C421032A8B0C
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171324895&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209103&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216301491&bpp=1255&bdt=1523&idt=2255&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216304&ga_hid=312158561&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=275295946&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077148%2C42531705%2C44799570%2C44798323%2C31077066%2C44796312&oid=2&pvsid=3463363540501150&tmod=1900147391&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ekf1xi52943a&fsb=1&dtd=2266
Frame ID: 74F4CE30C7A61590B58A88C9F0DD1F8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNWq3KKF8_LvK5Px3PNQ_ZGAK9ImpBO2tBOCATEGhMZNpJI-54vrf9B1FjWe8EU-KsOFCetvWUJYLr6ZbWqRESsEZsgurIInVz0sD8o87d-UahJcBBv5ecPQ-33TTTTeFr0SO6_am8Tim4VSqKedmf9MubvrwSgNkWeY_ho20BfppnN5iLs
Frame ID: F80B9DBC3D81D85B33CAD88985D75961
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGMPBm_EBMAE&v=APEucNWlBVkKZkBaw8GxWnOC8pTFMTBW8jQQTk36G5tmCUupHW0_WNqPJxdNtvOh6_n2nbeuVf_zWH8Hpy-uAoE_CKkZ9Dyriw
Frame ID: CFD7D9F761BDCE32BEFE08E8C7D90061
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: FDFA10EBC031B95B6954DB38DC990120
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C2C4E6E5726D1E76B6E031CA1B480F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B579911029C14B4AA82F9ECDDEFAA64
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B317DE17D7F4BC50F472AD38D73EEE1F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3C089650FBBC257AE49A747672F9FAB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4472FEEF3AE389DF680698938A8E33A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A4FA4A49DA8CE54B80E2C65E40E7345C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171324895&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209105&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216303134&bpp=1314&bdt=1699&idt=2110&shv=r20230810&mjsv=m202308140101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216305&ga_hid=1071665680&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=652956352&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076876%2C31077148%2C31077067%2C44799578%2C44798323%2C31077111%2C44796312&oid=2&pvsid=1358793954252362&tmod=988227627&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aer5t6i6vn7n&fsb=1&dtd=2126
Frame ID: DC8ECC3F32C533AE76F574043C46B3D6
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A0D6A98E33E530426E1DD0900B897933
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 48D8F7C6A1FA9641A94FF37CC8FB5033
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70EC78DDE7275981354B8A16D4ACFB12
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F877E2B873A8042E94CEEB9E653136B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ADA638365B8D52847DE5E1CF609C3293
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4274C30C2C5779771D8038678E27F8AD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5401670607341155244/index.html?e=69&leftOffset=0&topOffset=0&c=4b9doB8sFh&t=1&renderingType=2&ev=01_250
Frame ID: B000C53F79CFECA9B7DD1C444BC18185
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Frame ID: A42802CDE8593BD59D503D836FE96179
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BF5ED5143191B3C49E3BFCAC65D77D4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A317FDC798E84381B009CBFACF0D0DB6&gdpr=0&gdpr_consent=
Frame ID: 22A0307BAEEB0BD81663145B26A668D3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a1a05b71-a586-4b11-a381-95e34e157a60-003
Frame ID: A2FFE46812353E52213201342A53C47E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171372449&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209105&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216304480&bpp=806&bdt=1474&idt=1383&shv=r20230810&mjsv=m202308150101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216306&ga_hid=1589938928&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=3226943779&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076877%2C31077148%2C42531706%2C31077111%2C44799580%2C44798323%2C31077111%2C44796312&oid=2&pvsid=368999286145811&tmod=1880137617&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uq3o2kw0ca96&fsb=1&dtd=1394
Frame ID: 0FAE5A96967EB5BC46D1311BD1BF976D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3DC1F761D840A5785FB888458FDA687F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D777499AD873FA450ED0C3567C3F9B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35D4C5ECC5C0EBDBCAE81E32AE21B61C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E347DAC52ABA79A96BBC7A31DD67C3B3
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2997143073
Frame ID: DC109BD8B18758673D28122DA131E0F2
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
Frame ID: 5015A574948A4F7043C74B71B5483EFF
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 37E25D1CC6C30289254E7A4D0BD0D2AE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30633BA5729F357430F4389937BB2E86
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8808E120326513A0737B9D6E9A4CAD14
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 322AFBCABD2468B704A75129B5CF5E06
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ABB5BC780283AD6B481973A302C01517
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Frame ID: E84B4B4E19310CF45C93DD577CD9DE2E
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNX6kq12YHhjuBV0kQIEWDnIGSDSHRFwNMZSWmml69sIEZBnNDfXZEFnx8q9oAquy-VGbkFr7-oIGLiukbGmCpDTzQY1K3M-wOn9QnSR71bS3yJGlpLrnkZFBtegFBTLIzpzH_jXbuQFcqksI0Kb4Qjd_X6USgsAaMCqLyKO-6ipSG7a1ZM
Frame ID: B603890003D4AF5E87A713D2EA8805B4
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 37B27333766D1615EB04B968D21446AD
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 376132BD3BC95C073CC4FA5BF98C8854
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 52FE96BA7990184B3E9178664F397062
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=QEuQNLQW9O&t=1&renderingType=2&ev=01_250
Frame ID: E93B2555FA0E0C921910085CA1E0C941
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Depersonalization-Derealization Test

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1358
Requests

91 %
HTTPS

25 %
IPv6

107
Domains

173
Subdomains

128
IPs

13
Countries

13081 kB
Transfer

36963 kB
Size

145
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&rid=esp&cc=1
Request Chain 62
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=idrlabs.com&sn=ChromeSyncframe&so=0&topUrl=www.idrlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=SlYnRnxhSXVkZy9RQWhPYTc5K1Bua3FTR1ZDaWFVNVF4WG9wd0JRbTh3K3BiTXl1RWhESWt1Zk9ReVFyVGtOTlpsSm9DUmF4dzNlRDUyZjBQODU4bzNSbmJXNFVEY2piUHlRYmtQSFhaa3Jid0NidWVPYnk0dFhKOTVMNXQ4VWdnejZxOFJTSGt1L0NnQ1M0WlUwZlRZK0NSR2tpbmtrbmFqRVh5S2JNdDl6ZzI3QklrTVFadjRscHdrVFJ2YkVCQkxUa0xSRzFGOCtDa1NaZ1dLMkhPalY5WWVIeEFpcXI2Um1BNTNyVG5MOXNjNkR3d1haYlBCdWNEanNKV1FEVS9WR1MyYkc1NDJVaEswV1p5TGE4NHVucE8vQT09fA&cppv=2
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
Request Chain 121
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN0r4gzkfLKSDsPHFf0tggAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBXXuZvo6KDzs9qz-62rYuw&google_cver=1
Request Chain 123
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3MTg5NTM3OTY0ODcwMTkxMg%3D%3D
Request Chain 151
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM3vP7NicmNwQ5hf513uMNE&google_cver=1&google_push=AXcoOmRZaI_PSlp6VYADTo9-WIig-o3hx4eEwr9GGEnOKvUdOIbZVz3LAert2vVJ154XwRxrqZg4mNEd96nNlhp83A3Q1yov1n_U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZaI_PSlp6VYADTo9-WIig-o3hx4eEwr9GGEnOKvUdOIbZVz3LAert2vVJ154XwRxrqZg4mNEd96nNlhp83A3Q1yov1n_U&google_hm=lNURLLl9SfmbtxLiF9F6aog
Request Chain 154
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELsyprVh7Q2-M5pGVFqW6b8&google_cver=1&google_push=AXcoOmQfpUhsIIhMNuOzx86f6UMS5F4OQaYeou00beZcMKtmJko7yjdd13KpSC-3LmG1knZI7z_QvjxbvKX91DHWc3golts-UC2E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQfpUhsIIhMNuOzx86f6UMS5F4OQaYeou00beZcMKtmJko7yjdd13KpSC-3LmG1knZI7z_QvjxbvKX91DHWc3golts-UC2E&google_hm=eS1MUVouUDBWRTJwRVdFUHdPQjFhWnQuQlZER2FGTzdRMX5B
Request Chain 155
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELeR_OpyVfs4svZftOzUvNE&google_cver=1&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e68_9-N5-P2uWNNrDeWgFWPHoF HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELeR_OpyVfs4svZftOzUvNE&google_cver=1&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e68_9-N5-P2uWNNrDeWgFWPHoF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNzA5OTYyMTI1MzY2MTUzOQ&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e68_9-N5-P2uWNNrDeWgFWPHoF
Request Chain 157
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMp-rI26M5BqtAZHX28JVRw&google_cver=1&google_push=AXcoOmT6NlQHB2MnRrppy8yMkun_lB2agKZRnqNGugd099ePMHnGjjJhuAOOJQcLUwnYrx8oBVddPLNphtedZX_fFxKGVB0k4Xdctw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT6NlQHB2MnRrppy8yMkun_lB2agKZRnqNGugd099ePMHnGjjJhuAOOJQcLUwnYrx8oBVddPLNphtedZX_fFxKGVB0k4Xdctw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIVKv0cttDZ21M-UfnJXf3E&google_cver=1
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEI6XGCnx7YLrtaXHVgGwXNs&google_cver=1&adform_v=1
Request Chain 431
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Request Chain 432
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Request Chain 433
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
Request Chain 446
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Request Chain 447
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
Request Chain 479
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Request Chain 480
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Request Chain 481
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
Request Chain 511
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
Request Chain 513
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
Request Chain 520
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
Request Chain 522
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
Request Chain 531
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGm1asyBg4o8P9jpJaB-v40&google_cver=1
Request Chain 540
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814030
Request Chain 541
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
Request Chain 543
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=c14373ec-ae23-4234-b48c-ba66107dcd1b&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=cDdGR1VJUDl6T3lpV1dIM1h4Qkxhdw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
Request Chain 544
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8117099621253661539&ssp=sonobi
Request Chain 561
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814035
Request Chain 562
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a9c792d8-c433-4bda-8e77-53f3288eaba7&google_hm=YTljNzkyZDgtYzQzMy00YmRhLThlNzctNTNmMzI4OGVhYmE3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJhTF7m1eiYHNrb0p0kWujQ&google_cver=1&ssp=sonobi&bsw_param=a9c792d8-c433-4bda-8e77-53f3288eaba7
Request Chain 563
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
Request Chain 565
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=c245c61b-d2c7-404b-b723-97e74240e839&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SmR0ZXkzSFdMaVJKOGRpakF0Z01Rdw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
Request Chain 620
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGtzWhLuzJauW3QSQkMNrnM&google_cver=1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEGtzWhLuzJauW3QSQkMNrnM&google_cver=1
Request Chain 621
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEES0AO0db-cab3KWnoplIVk&dongle=c627&google_cver=1
Request Chain 622
  • https://eb2.3lift.com/sync/google/demand?sync=1 HTTP 302
  • https://eb2.3lift.com/sync/google/demand?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI3NDkyMjcyNjA1MTI2NzA0Njk0Mg%3D%3D
Request Chain 666
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jePDnqCfblVoiJzhU7vSyv&adContainerId=brand_safety_5SvdZJTrNKqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5SvdZJTrNKqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8,c:lurLFv,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-t7t5s,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2*.987057-61527017%7C1b21%7C1b22%7C1b31%7C1b32%7C1b4%7C1b5%7C1b61%7C1b62%7C1b71%7C1b72%7C1b81%7C1b82%7C1b91%7C1ba1%7C1bb1%7C1bc%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b2*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:24,oid:2b13900d-3c70-11ee-a654-8a281aa52b11,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5SvdZJTrNKqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5SvdZJTrNKqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 673
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm HTTP 302
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEDOvi_ysTOkGuFr62JfGesc&google_cver=1
Request Chain 674
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESENktOPRI0f49Mc_XKvI8vks&google_cver=1
Request Chain 675
  • https://tags.bluekai.com/site/2981?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbluekai%26google_hm%3D%24_BK_UUID_B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=$_BK_UUID_B64
Request Chain 676
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDJ8W1EwWFj-BCoLM1vjewc&google_cver=1
Request Chain 677
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 679
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6671895379648701912
Request Chain 680
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAA%263388&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=72cc6d24-13f6-4797-9872-9e3ebc31509a-tuctbd6b16a
Request Chain 681
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708113898&external_user_id=de7ef2db-7559-4d02-83e6-4ea54366e7d8
Request Chain 682
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A317FDC798E84381B009CBFACF0D0DB6
Request Chain 688
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2658299185019424115
Request Chain 689
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZN0r6gAAADkb0ABV HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN0r6gAAADkb0ABV&_test=ZN0r6gAAADkb0ABV
Request Chain 690
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8117099621253661539&expiration=1693425898
Request Chain 691
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588525887814035
Request Chain 695
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLE5VZDS-S-8PAF
Request Chain 696
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExFNVZaRFMtUy04UEFG HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAosKy7RfwydxY6YtXXGSYk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExFNVZaRFMtUy04UEFG&google_push=
Request Chain 697
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hbaCVo22Q92qtl9Yp8d3vw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hbaCVo22Q92qtl9Yp8d3vw
Request Chain 699
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oabr4Sc5Qn6UIlo66NZPGA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oabr4Sc5Qn6UIlo66NZPGA
Request Chain 700
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Request Chain 701
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/22nZQs_bs8yUCYuVmb41Pw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nDTHXoJE2oLVUEQXY3ArFZy2WTH7VJfcYvDx8g--~A
Request Chain 702
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Request Chain 759
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0isjWOSQSh-MXTSHnI4oFqC&adContainerId=brand_safety_5yvdZKeEF-6ZjuwP4N-juAw&cbFunctionName=goog_wrapCb_5yvdZKeEF-6ZjuwP4N-juAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:c72c1798-7894-bc5a-cbb1-25f85dc8c3c8,c:lurM6d,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-fxkzf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tN838yx+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b31%7C1b32%7C1b41%7C1b5%7C1b61%7C1b62%7C1b7*.987057-61527017%7C1b71%7C1b72%7C1b81%7C1b82%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b7*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:37,oid:2c221a49-3c70-11ee-815e-1a70303171c9,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZKeEF-6ZjuwP4N-juAw&cbFunctionName=goog_wrapCb_5yvdZKeEF-6ZjuwP4N-juAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 768
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gHT6JgUuQC6HdudB6JuSyW&adContainerId=brand_safety_5yvdZLubN-2RjuwP5dCogAc&cbFunctionName=goog_wrapCb_5yvdZLubN-2RjuwP5dCogAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:27e42e3b-393f-932a-e90f-01b28cd34846,c:lurM8W,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-hhnxv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tN838Bs+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b31%7C1b32%7C1b41%7C1b5%7C1b61%7C1b62%7C1b71%7C1b72%7C1b73%7C1b8*.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b8*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:2c821418-3c70-11ee-9f50-f6adb0e7055a,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZLubN-2RjuwP5dCogAc&cbFunctionName=goog_wrapCb_5yvdZLubN-2RjuwP5dCogAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 774
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gfIPcKx-PW4t7SHyzipX4t&adContainerId=brand_safety_5ivdZPWLOqqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5ivdZPWLOqqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:24c0530a-3aa6-404c-6755-872af1c21117,c:lurMba,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-q7wpj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tN838DJ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3*.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b61%7C1b62%7C1b71%7C1b72%7C1b73%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b3*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:2badacd8-3c70-11ee-8e8d-aa3dfbb523b5,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5ivdZPWLOqqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5ivdZPWLOqqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 776
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0goU1q4rHIK8sc68xC6UvEh&adContainerId=brand_safety_5yvdZOGECM2QjuwPufqqqAk&cbFunctionName=goog_wrapCb_5yvdZOGECM2QjuwPufqqqAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:318492c9-d150-05ca-e530-6649e0e075f2,c:lurMc3,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-r7wn4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tN838Ex+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b31%7C1b32%7C1b33%7C1b41%7C1b5%7C1b6*.987057-61527017%7C1b61%7C1b62%7C1b71%7C1b72%7C1b73%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b6*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:26,oid:2bcbe383-3c70-11ee-8f38-5e79ad84a4bf,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZOGECM2QjuwPufqqqAk&cbFunctionName=goog_wrapCb_5yvdZOGECM2QjuwPufqqqAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 780
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 782
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt
Request Chain 783
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NmaT27ubQceMj11sTQIb-g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 785
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=414175253 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
Request Chain 786
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Zzg2UGFFbEt3N2JTMnVMZ2MyOFcxYURYUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8117099621253661539&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 787
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzY2NjkzREItQkI5Qi00MUM3LThDOEYtNUQ2QzREMDIxQkZB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 788
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
Request Chain 791
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8117099621253661539
Request Chain 833
  • https://hal900010.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=8a1dd8d910&subid=&uid=014ad6536ebee77a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQZtU5CvdZKmWB8iT7_UPiZaOwAqbpoCiadWS6ovOD_YuEAEgur7wFmCVAsgBCakCrCUca3BKsj6oAwHIA5sEqgTDAU_QIUF6N0Mjnd8Ly0f-gNgc_myHRSaMc0zKfy7w4sb9mmCQPrgy8r9OsAmae3tUaPF82h9dr2gmhAT_hIrLBusaYd_Xt3kPriwhdUyiax8QDNxMQjtGCnz6Bv-C0bPGE569SWSWxnFxpCcl4qzfT_5VcWJ97UMtzn3Pks5CEunknP6m5aCsO5cabdQ-JvhJEG27WbvdGpTbFxO7FQdffI_xP2MsN9rKGcPYismOc-rfah1LVQgEPYX1WeODREn2jQbJlcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggNYmlkZGVyLTQxMDAwMIAKBJgLAcgLAYAMAaoNAkRFyA0BsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIqZjm9_zhgAMVyMm7CB0JiwOoEAEYASAAEgI8QfD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWyopr83fjus9qhaN2ejge9QTxBybjKRyHa7O-ZzHW8SyZjuVFqPk0RWZsGZW_GAE%26sig%3DAOD64_0nRO51qTqFRP5CrUrq8jnJ6DAUDg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-A-0ujpRoZX5bBw7PPRdNmVrYW1MpaBo9IfGnAqTHqEWpwjVO0Zhd6e2KVomB5rD5SDI9yROG3uy6TvwXirHjPctxvVEfZtLn5FA9rf9UK3tDkuz0owLlQPrkxlrsEAXeeN62nSPSIL20XOy-5tc9zXVKLwVBR4BllP4y4--UBDQNp4T0Y%26cry%3D1%26dbm_d%3DAKAmf-AcM2dKlEehrXB5pSKXWcOZlxsqdg-p5danWKlXEY4ZTwmKpHQqwGnhGXFV1tFkZWkpQ0Rucjp0OusUcK6XH8orxIgOv5U3GOZW4MhljSny1uJJE4K42MuJ0HFP_t5HSMQZA5DzM6Iow6X6P0jnR1Abuqo6SZD6KQ0z62jlqH8pFbDTptxtqbh81BtDnfPrsAWXDqQxkjtdLtLAAq2RMSOA34BaR48aTXET8xIgXPmUcMQi4GsqDaUPov13D__8FqVLZ3-UB-PlAmrP4p7j17rADPJoA6MDHXi6BtLThA3tddlMgTzWJ1ANiy6NH09xaeuagSVyDD9y3Lr8M1bWmoNFLTCojfehrSov0WBgRH3xxvrY1lI9hnDRwyM619-vlCw-7sWkcJTysOgZyMGL2kgScqXGWMkVoLKPfeWGL_TQm7T7Gr_fkQJykktCgH0-mDDzRH7KN6Wqt7WfPONzlImHVPv_vSP9iRZzOMqwBItzhI8FQAcTqkmaB3knRrdUUqDaclFvXoQ0ijPT9IW8KOJvO-NURLyU6oCBtcyxMgJxxgd7PRKNgz-epG_d_wmtVzsClDRgUaaBGJzf4I733eEGYrlpYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ancestorOrigins=https%3A%2F%2Fwww.idrlabs.com%2Chttps%3A%2F%2Fwww.idrlabs.com&random=5536673497196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900010.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=8a1dd8d910&subid=&uid=014ad6536ebee77a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQZtU5CvdZKmWB8iT7_UPiZaOwAqbpoCiadWS6ovOD_YuEAEgur7wFmCVAsgBCakCrCUca3BKsj6oAwHIA5sEqgTDAU_QIUF6N0Mjnd8Ly0f-gNgc_myHRSaMc0zKfy7w4sb9mmCQPrgy8r9OsAmae3tUaPF82h9dr2gmhAT_hIrLBusaYd_Xt3kPriwhdUyiax8QDNxMQjtGCnz6Bv-C0bPGE569SWSWxnFxpCcl4qzfT_5VcWJ97UMtzn3Pks5CEunknP6m5aCsO5cabdQ-JvhJEG27WbvdGpTbFxO7FQdffI_xP2MsN9rKGcPYismOc-rfah1LVQgEPYX1WeODREn2jQbJlcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggNYmlkZGVyLTQxMDAwMIAKBJgLAcgLAYAMAaoNAkRFyA0BsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIqZjm9_zhgAMVyMm7CB0JiwOoEAEYASAAEgI8QfD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWyopr83fjus9qhaN2ejge9QTxBybjKRyHa7O-ZzHW8SyZjuVFqPk0RWZsGZW_GAE%26sig%3DAOD64_0nRO51qTqFRP5CrUrq8jnJ6DAUDg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-A-0ujpRoZX5bBw7PPRdNmVrYW1MpaBo9IfGnAqTHqEWpwjVO0Zhd6e2KVomB5rD5SDI9yROG3uy6TvwXirHjPctxvVEfZtLn5FA9rf9UK3tDkuz0owLlQPrkxlrsEAXeeN62nSPSIL20XOy-5tc9zXVKLwVBR4BllP4y4--UBDQNp4T0Y%26cry%3D1%26dbm_d%3DAKAmf-AcM2dKlEehrXB5pSKXWcOZlxsqdg-p5danWKlXEY4ZTwmKpHQqwGnhGXFV1tFkZWkpQ0Rucjp0OusUcK6XH8orxIgOv5U3GOZW4MhljSny1uJJE4K42MuJ0HFP_t5HSMQZA5DzM6Iow6X6P0jnR1Abuqo6SZD6KQ0z62jlqH8pFbDTptxtqbh81BtDnfPrsAWXDqQxkjtdLtLAAq2RMSOA34BaR48aTXET8xIgXPmUcMQi4GsqDaUPov13D__8FqVLZ3-UB-PlAmrP4p7j17rADPJoA6MDHXi6BtLThA3tddlMgTzWJ1ANiy6NH09xaeuagSVyDD9y3Lr8M1bWmoNFLTCojfehrSov0WBgRH3xxvrY1lI9hnDRwyM619-vlCw-7sWkcJTysOgZyMGL2kgScqXGWMkVoLKPfeWGL_TQm7T7Gr_fkQJykktCgH0-mDDzRH7KN6Wqt7WfPONzlImHVPv_vSP9iRZzOMqwBItzhI8FQAcTqkmaB3knRrdUUqDaclFvXoQ0ijPT9IW8KOJvO-NURLyU6oCBtcyxMgJxxgd7PRKNgz-epG_d_wmtVzsClDRgUaaBGJzf4I733eEGYrlpYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ancestorOrigins=https%3A%2F%2Fwww.idrlabs.com%2Chttps%3A%2F%2Fwww.idrlabs.com&random=5536673497196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 841
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gNku3WrCrxk4H9Fe5XPLxh&adContainerId=brand_safety_6SvdZNTQFfKcjuwP_-Cd0Aw&cbFunctionName=goog_wrapCb_6SvdZNTQFfKcjuwP_-Cd0Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:eb0e1b5c-33ed-3dc1-491f-125b49e9ab9d,c:lurMly,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-dcpz2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:tN838NY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b81%7C1b82%7C1b83%7C1b91%7C1b92%7C1ba1%7C1ba2%7C1bb*.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bb*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:31,oid:2d593a7c-3c70-11ee-b8a8-92b1d8e05a50,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6SvdZNTQFfKcjuwP_-Cd0Aw&cbFunctionName=goog_wrapCb_6SvdZNTQFfKcjuwP_-Cd0Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 853
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hH8Z75EmNbRvgSwYbGy8rb&adContainerId=brand_safety_6CvdZL29DrODjuwPgJ6rwAc&cbFunctionName=goog_wrapCb_6CvdZL29DrODjuwPgJ6rwAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:b7e091bf-dd0c-e5ed-f46b-a33ec296f444,c:lurMoX,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-kfftd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tN838Rt+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1ba*.987057-61527017%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bb3%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1ba*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:24,oid:2d76ad2b-3c70-11ee-b97c-b6df0052de09,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6CvdZL29DrODjuwPgJ6rwAc&cbFunctionName=goog_wrapCb_6CvdZL29DrODjuwPgJ6rwAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 931
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=64536700147702304444640012418010&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 933
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 969
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6671895379648701912&gdpr=0&gdpr_consent=
Request Chain 970
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=a6APOUbXUbtoMBmgfhVbKbKi0Yg&gdpr=0&gdpr_consent=
Request Chain 971
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268013674851530905&gdpr=0&gdpr_consent=
Request Chain 973
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 974
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525887814035
Request Chain 976
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 977
  • https://pixel.onaudience.com/?partner=214&mapped=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3602b2996ed525e92c2fab24c96b6d7a&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=bb1b73b341db9703 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79362f35-5a59-4786-4b3b-ef34ddf9510b&reqId=ff0169db-98b6-41c5-75f9-f2d3fbcfefbd&zcluid=bb1b73b341db9703&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELEMNoJBq_JCCuXYjGvlh5M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79362f35-5a59-4786-4b3b-ef34ddf9510b&reqId=ff0169db-98b6-41c5-75f9-f2d3fbcfefbd&zcluid=bb1b73b341db9703&zdid=1332
Request Chain 978
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a9c792d8-c433-4bda-8e77-53f3288eaba7&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 979
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2658299185019424115&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 981
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:034d9e5c-865b-4bb4-b5fc-ef26cbf5ce15&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1002
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEN1pVN0p1bGdBQUNRZ0p0eXIxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAD7ZU7JulgAACQgJtyr1Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD7ZU7JulgAACQgJtyr1Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAD7ZU7JulgAACQgJtyr1Q&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2908516355434517834&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7ZU7JulgAACQgJtyr1Q&gdpr=0&gdpr_consent=
Request Chain 1004
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8c459b38ab1d4f1288f9b87817b691b4&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 1005
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8984347487968648637
Request Chain 1008
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=jtpdjcoedhb5
Request Chain 1009
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bb1b73b341db9703/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhhbhTYhYWbQhRTaY%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhhbhTYhYWbQhRTaY%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhbhTYhYWbQhRTaY&gdpr=0&gdpr_consent=
Request Chain 1010
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 1086
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm HTTP 302
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBuBWCbchasBSg_HhmCPLyk&google_cver=1
Request Chain 1087
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJg7BuXIGZ0UlVGET2t7dyQ&google_cver=1
Request Chain 1164
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ-Nn7SDaFHCMw8K41SqnEw&google_cver=1
Request Chain 1165
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&dsp_callback=1&google_dbm HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESELq3MR6Jc-fwj9pP496dNnE&google_cver=1 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESELq3MR6Jc-fwj9pP496dNnE&google_cver=1
Request Chain 1166
  • https://match.360yield.com/match/55 HTTP 302
  • https://match.360yield.com/ul_cb/match/55 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=ODUyYTAxMzEtM2YzMS00YzUyLTliMGEtY2YxODNmNWNlMjJk&dsp_callback=1
Request Chain 1195
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464743/4.js?adContainerId=brand_safety_7yvdZJSrItKPjuwPz4mFuA4&cbFunctionName=goog_wrapCb_7yvdZJSrItKPjuwPz4mFuA4&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:f7a09c62-47bc-5393-e913-194b84f75e3e,c:lurNF4,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-5khzf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:353.797.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tN83a7B+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C196%7C197%7C1981%7C1982%7C1983%7C1984%7C1985%7C1986%7C1987%7C1991%7C1992%7C1993%7C19a1%7C19a2%7C19a3%7C19b1%7C19b2%7C19b3%7C19c1%7C19d1%7C19e1%7C19f1%7C19g1%7C19h*.1549653-72464743%7C19h1%7C19h2%7C19i%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b31%7C1b32%7C1b33%7C1b341%7C1b35%7C1b4%7C1b51%7C1b52%7C1b53%7C1b54%7C1b55%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b71%7C1b72%7C1b73%7C1b741%7C1b75%7C1b81%7C1b821%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1b93%7C1b941%7C1b95%7C1ba1%7C1ba2%7C1ba3%7C1ba41%7C1ba5%7C1bb1%7C1bb21%7C1bb3%7C1bb4%7C1bc1%7C1bd%7C1be%7C1bf%7C1bg1%7C1bg2%7C1bg3%7C1bg4%7C1bg5%7C1bg6%7C1bg7%7C1bg8%7C1bg9%7C1bga%7C1bgb%7C1bgc%7C1bh1%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:19h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:24,oid:30b5d2be-3c70-11ee-b25c-46ee1d0c6bab,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 1222
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Request Chain 1224
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A317FDC798E84381B009CBFACF0D0DB6&gdpr=0&gdpr_consent=
Request Chain 1225
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1692216305798 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4076660904 HTTP 302
  • https://sync.1rx.io/usersync/turn/2658299185019424115?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a1a05b71-a586-4b11-a381-95e34e157a60-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a1a05b71-a586-4b11-a381-95e34e157a60-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a1a05b71-a586-4b11-a381-95e34e157a60-003
Request Chain 1226
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6671895379648701912
Request Chain 1260
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=25730000167160104444640012418012&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2997143073
Request Chain 1263
  • https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(25730000167160104444640012418012)508545651 HTTP 302
  • https://img.tradedoubler.com/images/inv.gif
Request Chain 1345
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEG2vVlfdfD8KSPaUOq8s_7g&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzYwMmIyOTk2ZWQ1MjVlOTJjMmZhYjI0Yzk2YjZkN2E&
Request Chain 1346
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_dbm HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
Request Chain 1347
  • https://bh.contextweb.com/bh/rtset?pid=547259&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcontextweb%26google_hm%3D%25%25ENCRYPTED_VGUID_B64%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Nl9MX29BOUJuUE1PM3R1endELXdLUQ&pid=547259
Request Chain 1357
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464741/4.js?adContainerId=brand_safety_9CvdZO3lHPGZjuwP_8-K-AY&cbFunctionName=goog_wrapCb_9CvdZO3lHPGZjuwP_8-K-AY&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=f&adsafe_jsinfo=,id:366ce9cc-badc-a79a-19be-6fe5a09aec0f,c:lurOyf,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5fb5cdd8b-jjw7j,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tN83b0z+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C196%7C197%7C1981%7C1982%7C1983%7C1984%7C1985%7C1986%7C1987%7C1988%7C1989%7C198a%7C198b%7C1991%7C1992%7C19a1%7C19a2%7C19b1%7C19b2%7C19c1%7C19c2%7C19d1%7C19d2%7C19e1%7C19e2%7C19f1%7C19f2%7C19g1%7C19g2%7C19h1%7C19h2%7C19h3%7C19h4%7C19i1%7C19i2%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3%7C1b41%7C1b42%7C1b43%7C1b44%7C1b45%7C1b51%7C1b52%7C1b53%7C1b54%7C1b55%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1b93%7C1b94%7C1b95%7C1ba1%7C1ba2%7C1ba3%7C1ba4%7C1bb1%7C1bc%7C1bd%7C1be%7C1bf1%7C1bf2%7C1bf3%7C1bf4%7C1bf5%7C1bf6%7C1bf7%7C1bf8%7C1bf9%7C1bfa%7C1bfb%7C1bfc%7C1bg1%7C1bg2%7C1bg3%7C1bg4%7C1bg5%7C1bh*.1549653-72464741%7C1bh1%7C1bh2%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bh*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:41,oid:331b1293-3c70-11ee-ab85-16b39132214d,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 1371
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LLE5VZDS-S-8PAF HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LLE5VZDS-S-8PAF
Request Chain 1372
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LLE5VZDS-S-8PAF
Request Chain 1373
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=e4eeaa34-fd9e-467a-88dc-07d29f917996&expires=30
Request Chain 1374
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8117099621253661539
Request Chain 1375
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=a6APOUbXUbtoMBmgfhVbKbKi0Yg
Request Chain 1376
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9141c9ca-06b0-4ec1-84fc-83b26d2029e8

1358 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request test.php
www.idrlabs.com/depersonalization-derealization/ 		110 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe7903f15668c0705c3772d257f95b24aca5a13942ada1c5120469b162ccb61
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7f7c49daee37915c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 20:04:48 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hQ%2F6ZpIdGFRCTsXa0DQpjoW%2F3KWFUeBhxVvagfargxTDpnR1xACjNynNUDHjoYBUVJnPxsXt%2FMvkg2q3mZSzIW%2FknlyS9CAqQcL6fw%2Bviq4qUoWZb2l%2FNV3F0JkVlVDGbsid1iCI3t6OW6X1vA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
min.css
cdn.idrlabs.com/assets/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/min.css?2.5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131983
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 23:47:02 GMT
server
cloudflare
etag
W/"62bb92f6-5ef6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViNYlD6OGlMwwAVKMBTtvO3dLVOLlCC4oSY3Eu3rf%2BEHBqC0wdwgn74kjd7OGLLLfgGyUU2KiFwbNUADlUPE2tqBVxawJyBRIhtqxReAFTP9m3adBySyXJclRwLAv2Eapy%2BXVcQK5863%2BQtu55c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc0828915c-FRA
expires
Tue, 15 Aug 2023 07:35:24 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 20:01:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Aug 2023 20:04:48 GMT
test.min.css
cdn.idrlabs.com/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test.min.css?6.20
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58eff2a71fe175affb5df0e69004e8154e82430565ce1cc60501674947f3a570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50870
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jul 2023 05:06:02 GMT
server
cloudflare
etag
W/"64ae34ba-2c9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSpd3ygbKC50ZKgR6M8D9UWh%2FRZKjy85TNMvtw9bwrbc71eXmfbATeIWhe8IEHwXiMnthUfkERoZ%2Bq4c6DjdbITxra5w%2BLJCp0gk9yL%2BXbOdp1dOBUjJvvqcpuSqHQfaiNXj9p5ixlElZBELU3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc082b915c-FRA
expires
Wed, 23 Aug 2023 05:56:58 GMT
test-link-unit-compat.min.css
cdn.idrlabs.com/assets/css/ 		730 B
593 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-link-unit-compat.min.css?v3.2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
191460
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 04 Nov 2021 17:50:02 GMT
server
cloudflare
etag
W/"61841d4a-2da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFb8jG41g%2BKNAIww%2F1rRnrk%2F1Lt%2FJdpjnkPtmv1wWElItfpDdtkDpAdWwnoFOB2cigGUWUWGyPk5NiNKBdLtFZNnX0Gy4adHp6wo6%2BdAEw0JHLLyBxb6IKWww3JhLJIe9yJMt9cUcOLHXcKfZuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc082a915c-FRA
expires
Tue, 15 Aug 2023 08:25:12 GMT
test-depersonalization-derealization.min.css
cdn.idrlabs.com/assets/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-depersonalization-derealization.min.css
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d0ab61d9cb7d1775214a0c64dba6f604bf36918cbf8b9170064d20a305e91a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
600177
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Jun 2022 04:57:03 GMT
server
cloudflare
etag
W/"62bd2d1f-2ce1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1cYlsCESFqkEXDfJHEqR%2FuxZxryHD4tILK5v%2Fe1b8YNLMCjkuOYDlEJj4JN%2FDTT1Z7qA0hu7gS%2BSpCtIpz%2F2dbBVJZRVoy7iJe%2BnQAg64K9AgtIlSFVEMD%2F58RH6%2FlRyFeaGguMTBGidmpj%2Fy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc0829915c-FRA
expires
Thu, 10 Aug 2023 22:54:45 GMT
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/site/b/d/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
084be608909e9a93a8e6f6e741425b740e27c4d2835aa8ec73d21a4031ba326d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdujAeHQzAjiT_nY29NMfks39tVRAd725RqqePIGFyIckSpiABCKxqTN1DPsQK1NrkLZC2Ys5C5F6V1KQotcI0sAXQ
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1692161240804097
content-type
application/javascript
x-goog-hash
crc32c=LuH8tg==, md5=qAaJ1IFonFnRk9BjBrweIQ==
cache-control
max-age=7200
x-goog-stored-content-length
59417
expires
Wed, 16 Aug 2023 22:04:48 GMT
depersonalization-derealization-card.png
www.idrlabs.com/misc_pictures/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/misc_pictures/depersonalization-derealization-card.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101b2971226fcface7e04d37e626c0fad227aee821892e8fe4ec3d0ca6ebaa70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/depersonalization-derealization/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Jun 2022 04:57:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4943
etag
"62bd2d1f-1598f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UY1Dlem0q5JzhDCexiQJ2iZbYI7WxfsZtPX8Fk3MmqcgPsALDvRPMhr3PnjSJjjslz5zd05p5y5cRTOQNiyJwPWlPHeaUUxuVaSjqxSuH5zs77W0spRDByIzZcL4lOcYCxVkKtln04Vkp30r%2FoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
cf-ray
7f7c49dbeffa915c-FRA
alt-svc
h3=":443"; ma=86400
content-length
88463
eu-check.min.js
cdn.idrlabs.com/assets/js/ 		373 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/eu-check.min.js?v3.1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121185
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 11 Sep 2020 04:03:01 GMT
server
cloudflare
etag
W/"5f5af6f5-175"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP1HLNBbgNoFEO2Px0vYSgiGxPCT9yg2BQcQRsOryM%2BPb%2BohedbclHVD2AYcDHRgSNrOTG%2BmHxNsnAKS2RhxSFo4ybY7xp0lo8IwShMX%2B%2B2k9NEwLesrH2VoqncsrzrqvIctiBnmkQXEIj590lw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc082c915c-FRA
expires
Wed, 16 Aug 2023 17:17:18 GMT
test.min.js
cdn.idrlabs.com/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/test.min.js?1.4
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
571544
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 May 2023 03:30:02 GMT
server
cloudflare
etag
W/"64659bba-ab2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMqsNoPb%2FxLCLph3beHc7sS1xO3K88rM0scJNqcwhDaDOyQUz0CzZZSULWCkkGEv13vluCkyi%2FHtWuEdCyB9O%2Fksne59hBQTT27osu41bFokOSKP42kQi2TozTNaQSCrIBYe1GKi4TUbP6pShdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc082e915c-FRA
expires
Thu, 10 Aug 2023 05:21:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
248266979d34661864436c20b8027e3fb96e55dc34ea9257c9780d60e99000c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50797
x-xss-protection
0
server
cafe
etag
6857083776653393709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:48 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f31c679925f08d9e81a27d620c453835545d658a993ebc88c6992424e9b87cef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86476
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 16 Aug 2023 20:04:48 GMT
mntzv2.min.js
cdn.idrlabs.com/assets/js/ 		304 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/mntzv2.min.js?v2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
537060
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 09 Jun 2018 18:48:05 GMT
server
cloudflare
etag
W/"5b1c20e5-130"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zwtl0eZB1ofMZf1z4xVt2WRMp1x2SEMlbemxRsgl6V2LMbDUbH6Y0Dwxdp9DX2KBRLnocCD%2B2odYMDpZ%2BCXn1uZpEwEQ9u3sjFoJ4V41gDOC%2B16uyAQwGd2toA5v1FZ%2BHHbzirSVO0KmxZ2OUkA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc2e266977-FRA
expires
Mon, 14 Aug 2023 19:05:40 GMT
test-agreement.min.js
cdn.idrlabs.com/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/test-agreement.min.js?v2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63706cba9dbfa38f4472b2c93ab06c8f8699b8e9f4be4c0542482a92fc6d7711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
474277
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 26 Jul 2018 10:53:24 GMT
server
cloudflare
etag
W/"5b59a824-559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIFtyiV6idkQyDxB2JmytJgfom%2BL5Nzq7BJa%2BrEcPZCd8IoaKqAQV8kvO%2F4ynb8kLL%2FTYMuPQsdqr1vroATjoJcZ8KsYQWCfGEn06vpz961vOQMtmeqylm4Vst4ObUdVqT%2F5d6hiOvasE76XQes%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7f7c49dc2e296977-FRA
expires
Wed, 16 Aug 2023 08:56:00 GMT
logo-2--banner.png
cdn.idrlabs.com/assets/i/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--banner.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115351
alt-svc
h3=":443"; ma=86400
content-length
19975
last-modified
Fri, 27 Oct 2017 16:12:45 GMT
server
cloudflare
etag
"59f35afd-4e07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOJuFWZ%2B5xyk%2F38Ty%2FuDVV338K0%2FxbtEZpjHRb46DmjkYrO%2B9dCJ%2BLjBy%2F9r7XaeStUs6OFixUe3HLS2zGE5sq5GMkCn5oW1B1ovgDyeknvXPjt7bgdFL9QaZj72aiT2XsCM0PEOuEcSHUVdmGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7f7c49dc7e886977-FRA
expires
Tue, 22 Aug 2023 12:02:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
417585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
fontello.woff2
cdn.idrlabs.com/assets/font/icons/font/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/font/icons/font/fontello.woff2?18854377
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5

Request headers

Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
234662
alt-svc
h3=":443"; ma=86400
content-length
17944
last-modified
Wed, 06 Nov 2019 15:52:27 GMT
server
cloudflare
etag
"5dc2ec3b-4618"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVb%2F63UK%2Fk%2B1MjFKc%2FqENO6kVUiQA%2FOUX3zyfiqmee0fGSBI8ztBrnhdNrSa1JpbSMRYMvw88IyYUsb%2F68tSqAyM%2FcZO%2BcolvKwo7GeE9EBQXx7pnvsiM9eg2Tkrf2MetlYOnKTMaBcrtDqzAGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7f7c49dc9f009150-FRA
expires
Sat, 19 Aug 2023 04:18:32 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 21:19:25 GMT
x-content-type-options
nosniff
age
341123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50440
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 21:19:25 GMT
slide-btn.png
cdn.idrlabs.com/assets/i/ 		301 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/slide-btn.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/test-depersonalization-derealization.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dedac502ca0c39765cbcaeaea8464cee7eed16289c4627d3ed7cc9c3df7967a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/test-depersonalization-derealization.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
566960
alt-svc
h3=":443"; ma=86400
content-length
301
last-modified
Wed, 06 Sep 2017 14:27:59 GMT
server
cloudflare
etag
"59b005ef-12d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qImxVKExSejJgZcbG8H0XUFTciXfrboixOcG4Yd1GrSkotRordz%2BZw8GF9htvW2K9lkCdhblT6%2B2CIgFYq1srRIbi%2B6YMbsu6A%2BOkUeWwgI2pqIWaKQMMWYS6ZDJrh2ZmI5a0cXRljJYIrzsdvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7f7c49dcaebe6977-FRA
expires
Thu, 10 Aug 2023 17:29:24 GMT
logo-2--icon.png
cdn.idrlabs.com/assets/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--icon.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
220723
alt-svc
h3=":443"; ma=86400
content-length
3767
last-modified
Wed, 06 Sep 2017 14:27:59 GMT
server
cloudflare
etag
"59b005ef-eb7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOBMr8t1W4VSMWClfbG%2FMICE1Y%2FECuvbp4HGg4ye4CK1yNQ4qQW0kaeY885wdMBoKrtfNSQpGfE9A2IYMyStOBOFHTIRGljtxAdQ87BBrQVmBs6EeJp3aBxTC1JbCSJ4S8AMrsHpXv41I9puJbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7f7c49dcaec06977-FRA
expires
Fri, 18 Aug 2023 12:25:20 GMT
ajax
www.idrlabs.com/ 		26 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/ajax?action=eu_check
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/depersonalization-derealization/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9u%2FWpFUcAOmPaKyfT320Be0qJtS8ctETP7hrGWz9TPupB%2BzY8yKPWqJISL6Zzb94ZyhaH%2BqerVCX%2B0DLWAyPpRXnAYRXtzR%2BmHaGsMQKavSgFyE7PQ9XB%2FKBA5ZwftC8%2BlybLzz2qNM8db9bKY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7f7c49dcef086977-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
test.php
www.idrlabs.com/depersonalization-derealization/ 		126 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/depersonalization-derealization/test.php
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:c5a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05cd466978b0f61c4b880f17af4fbd68b6cf7714fb3960dffef5389d45f60d39
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/depersonalization-derealization/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLrWVECY9EBDIBUQptpnySG9eOcsgIbHcgD1%2BCzskrcmimWikRInOEz1QZaDlYXDnC2yUT1ay40YYJdFJYJcU4YGaCUNU1%2FsE2fES6%2BYlCSQ93wofEs0p84f1aOlOkpnuhB6zwNnVD5OdHRZYAM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7f7c49dd0f406977-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WZ4R7WY0KV&gtm=45je3890&_p=1713576858&cid=1630745151.1692216289&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692216288&sct=1&seg=0&dl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dt=Depersonalization-Derealization%20Test&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/ Frame 7908 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230810/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5381
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:35:07 GMT
etag
12368291122986407432
expires
Wed, 30 Aug 2023 18:35:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/sitesplit/d3/smartzones/0.1.9/b/d/ 		603 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/smartzones/0.1.9/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
1e3a9b608e34d3a0e9ad090e78a71c835e16a2056aa10fca2ac1202c195c36e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvbe4RXqhqXfUOSH3EnFnTA0X4PCkOH3SC8e9SDfEx8Y59aVXEQ46_47fMjmVpAhd4k5E95cflWYl8wLVBETEczaQ
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1692161243782744
content-type
application/javascript
x-goog-hash
crc32c=HaJIbw==, md5=SE3E/aDngfo9hvBxhPMznQ==
cache-control
max-age=7200
x-goog-stored-content-length
616886
expires
Wed, 16 Aug 2023 22:04:49 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycduHG4eyq5zm9lopWMex6wIXoT-OUqE68vQL3YcMISgWMRmUNiwyeCJMGs8gPUSMNbynak_Ae2BfBdeBBwD_icMsGZzzSwRR
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Sat, 10 Aug 2024 20:04:48 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 0769 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
0
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Wed, 16 Aug 2023 20:04:49 GMT
expires
Sat, 10 Aug 2024 20:04:49 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ADPycdsPfw8Z6XMnkkTwFg6T4hHh2greCZlb5uIFW1hB4azdObtGAfhtREgjSlGFy0eryVGJ_MQWk6gWv7DyEeMnMnQlh0ERFCCy
mmt.gif
imps.monu.delivery/ 		37 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=bf275f2c-a982-4318-a3d5-f99925191918&a=p.d.l&u=FJ401M&d=%22%2Fdepersonalization-derealization%2Ftest.php%22
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 16:35:35 GMT
age
1567754
x-guploader-uploadid
ADPycdtSuwOtdU3RZCf0eaazb2UPGE9w2GvW3-ntwLK7pw9OAEUOa154BV9Nq-v10SJDNfes7We67IyWhvMmn4_sGrcNHheRRpN6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 16:35:35 GMT
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		386 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51de5ddf2c334bdb4f9ee1e2f57c8ca638aa9d776c3314561dc9cb7e6efa3b00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 18:59:47 GMT
server
cloudflare
x-amz-request-id
C4WCV5NRKSCJTRQF
age
575
etag
W/"c796d089e4fd73006027d329a5462c24"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7f7c49df8c372c56-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ox4Hm6oUAeGI/cD+i+sOj8cq0L/RcJuAhLBf99vYq04eSni0uCxMS+06n8SMEieKZahHdy3niTQ=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-80.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6343356bb1b36e7b34994fdb3293f4e426c360cd35bda51a639d551a5f569b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:40:00 GMT
x-amz-version-id
S3vVyNvHm.ARP_H4AY9j2FKE5N5OmuNx
content-encoding
gzip
via
1.1 b2ba040f19ad0239b9239a26b1640b9e.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P4
age
26690
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 16 Aug 2023 12:39:57 GMT
server
AmazonS3
etag
W/"9ede2bebd0fab2fa445272da7e6bfa07"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
dZFEPwvNQ-Gjxifus84cq_AYTRb3iK5rSjciqRdwaRpuXtcjqwOaFg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d72153c1d22dc688b96ff4338ba86be586c7845fa9dde464d966675b31dcd3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29043
x-xss-protection
0
server
cafe
etag
11 / 19585 / m202308100101 / config-hash: 14817961918254774615
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:49 GMT
76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
config.aps.amazon-adsystem.com/configs/ 		537 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.44 , United States, ASN (),
Reverse DNS
server-108-139-243-44.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
6d371ea6cca532d1e3784d54160b66bd5b057b80749bb3423a8cdfbb0cd5740a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:56:37 GMT
via
1.1 e0062aca9ee6d0119808cbfccfdda9da.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MXP63-P3
age
492
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
jwvOQxstd458j-2lYKYKjvCf74Rozz03vlNGOnXT2OEaWNS9ElW19Q==
publisher.js
client.aps.amazon-adsystem.com/ 		232 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-74.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d0091bf01bcf43c0e5f328b4dd477a15d5e0c2bdedb9e8243b20bd840dbc6ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:07:08 GMT
content-encoding
br
via
1.1 59217f0941f089caa7fbc6da584e0d2e.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 20:50:41 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P1
age
3462
x-amz-server-side-encryption
AES256
etag
W/"cd090173d8eba3ca4f0654e4836a86fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ic8DDVCVH9CAUfN1gBMLI6VPI0RVwB7VLpE2bG_PO5d4YUk4q1Sskg==
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-9.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc390bc6eb4c9badf29cbf5c495f6bcc941769e1befd9d8799c143e112079ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
5IjvKz0J.50cIikUGQo1jrfh9HyrGtVP
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
date
Wed, 16 Aug 2023 19:24:06 GMT
x-amz-cf-pop
PRG50-C1
age
2456
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:25ed2a0f-4360-4a94-a56b-3f7229d7df17
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
4bd975b8fdc81a3349192e248ce3e92f
last-modified
Thu, 22 Jun 2023 08:07:42 GMT
server
AmazonS3
etag
W/"2d5e9fd681541ba76d4e6c18fc669221"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
38aa63277a2cdadf2140d9dfc174efabc77e6e7e54482e1fd9a3fc32be748916
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
0_1iZW0-9y93DP800DhNG65KrPgRog-fDUdGTHggsamr3FFAfQ1gaA==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202307190925/ 		251 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jul 2023 13:26:13 GMT
server
cloudflare
x-amz-request-id
GWA78YN4HDYVPW2X
age
2429893
etag
W/"6c476793b39193c54a91ff561ef3a8e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7f7c49dfecd42c56-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
y1S3Vs0QYbvbbLtPKg8GNogRH1HQvc9PhARbEBauHAlEzUlBh2vvmGqjFPLYL1XybPK3GmrSlOM=
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&pid=d7cbJwDJZhFQh&cb=0&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
F22D6KAJG9VPTNNSN8M0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
shsvCfsX65VgY-ZJyw3O3pBQtL5htNuoGOq2nDtcZglZnM--IxR6gQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&pid=d7cbJwDJZhFQh&cb=1&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba_1_1_ad%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
D9E7B1PP8M6BJA4N6TH8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
al2uO2velZRJ4JNT0WLCSh2uVZTikKQPbQCrYOh0_lEgArw-DBJ8SA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&pid=d7cbJwDJZhFQh&cb=2&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
8RQYAQDFJ3X20Z5GVQKC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
NIDgOxiSzPYH09J6-XYfBJMEPRNc_T6I2V1zvetu0JgqX4BvlmBwnw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
date
Wed, 16 Aug 2023 17:34:56 GMT
x-amz-cf-pop
FRA56-P5
age
61192
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
8Bs9o7Zcwann_aFVDm_pjOqF3R70F8rwZJmC5ndliEdSF244ScQLaA==
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 16 Aug 2023 20:04:49 GMT
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront), 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-apigw-id
JxPLRHkIjoEFnaw=
x-amz-cf-id
GGWTG5kf-TwkGz8kLeCDh2iTyNYMrENVYl3da5807JHXzCdUzwqYZA==
x-amz-cf-pop
PRG50-C1 PRG50-C1
x-amzn-requestid
864edad3-771c-4116-ab5c-19a406d16517
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		28 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 16 Aug 2023 01:27:25 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront), 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, PRG50-C1
age
67044
x-amzn-requestid
54788529-8871-4b47-a0c6-b1f8b9a03f73
x-amzn-trace-id
Root=1-64dc25fd-608a58eb695a3098320a96b4;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
JurfoFpvDoEFeXA=
content-length
28
x-amz-cf-id
6x5I8socl8KDJzWv85GlWA49njB9KVOSRjV-a4gaYEaalBNKfihChA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 16:55:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
11342
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 15 Aug 2024 16:55:47 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		759 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.idrlabs.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
Server /
Resource Hash
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:57:09 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
age
4059
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
759
x-amz-cf-id
3pPRHsrY177cvXIpiiaCW65DF2GBHdZ9F9Hc2UxgNYr4BwoxOzw4rA==
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=bf275f2c-a982-4318-a3d5-f99925191918&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 16:35:35 GMT
age
1567754
x-guploader-uploadid
ADPycdtSuwOtdU3RZCf0eaazb2UPGE9w2GvW3-ntwLK7pw9OAEUOa154BV9Nq-v10SJDNfes7We67IyWhvMmn4_sGrcNHheRRpN6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 16:35:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=bf275f2c-a982-4318-a3d5-f99925191918&a=s.d&u=82db8863-a5a9-4646-bfc4-7efa7ca1ddba
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 16:35:35 GMT
age
1567754
x-guploader-uploadid
ADPycdtSuwOtdU3RZCf0eaazb2UPGE9w2GvW3-ntwLK7pw9OAEUOa154BV9Nq-v10SJDNfes7We67IyWhvMmn4_sGrcNHheRRpN6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 16:35:35 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=bf275f2c-a982-4318-a3d5-f99925191918&a=s.d&u=2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 16:35:35 GMT
age
1567754
x-guploader-uploadid
ADPycdtSuwOtdU3RZCf0eaazb2UPGE9w2GvW3-ntwLK7pw9OAEUOa154BV9Nq-v10SJDNfes7We67IyWhvMmn4_sGrcNHheRRpN6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jul 2024 16:35:35 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
262
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhRYrwp5P76KXIHADn6cG5IdGBsK3UiuaJWngTfDVZKSfRhahB4fMzkw4oy2R3ZTwcIuesA%2FVCxgHxpd%2FGXQbmMSVM2mU0ZtRzm8JTWrdNmOnJWUg7Ft0kncQ7R5B4IkJyofQehb9UnhnybiDRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f7c49e16c18915f-FRA
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
588bcf3ac3e3d797c06b2a904d01edb4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 17 Aug 2023 20:04:49 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-19.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
30579
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Ccqu_3lwQr9W6PB1BXPpjZA4MU0gMMfL9fG8PifanIKs_surQycUAA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:1000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
null
Date
Wed, 16 Aug 2023 05:08:18 GMT
Via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
53792
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
tGvXqTnOIbj-WbNDhekVYgoLd-xsuVfmkKwIF_wrTApRzOJNyWQHIg==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 04:08:06 GMT
content-encoding
gzip
age
1612603
x-guploader-uploadid
ADPycdvE2WyTevnCitsAeEAugbsWUFu8GYqtRkb4BycIr1B1I6C3sPaIzNTE5wcZXnnEx4lrHqapgpLC8PCvUyaaHibaCcD0Frrn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 28 Jul 2024 04:08:06 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
531019
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f7c49e16e4e18e9-FRA
expires
Sat, 19 Aug 2023 20:04:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=398680952700841&correlator=312931600003927&eid=31075592&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C320x100&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692216289466&lmt=1692209089&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1200&ga_vid=1630745151.1692216289&ga_sid=1692216289&ga_hid=1713576858&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtNHN_58xSABSAghkEhkKCnB1YmNpZC5vcmcYs9HN_58xSABSAghkEhcKCHJ0YmhvdXNlGLTRzf-fMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi00c3_nzFIAFICCGQSGQoKdWlkYXBpLmNvbRi00c3_nzFIAFICCGQSFAoFb3BlbngYtNHN_58xSABSAghk&dlt=1692216288622&idt=801&prev_scp=pos%3D1%26monu%3D728x90-320x100_B1%26slotNum%3D1%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D20_BB_notchrome%26hour_browser%3D20_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dtrue&cust_params=page_num%3Dundefined%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=4164803795
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f68b82444e688c205ca9f6b1f56a1e7123bb18f313ba513e8180836f35b20573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12432
x-xss-protection
0
google-lineitem-id
6151851485
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409613079
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		620 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=398680952700841&correlator=3595654629919760&eid=31075592&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDH.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692216289475&lmt=1692209089&adxs=343&adys=524&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=20&vis=1&psz=320x0&msz=320x0&fws=4&ohw=1200&ga_vid=1630745151.1692216289&ga_sid=1692216289&ga_hid=1713576858&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtNHN_58xSABSAghkEhkKCnB1YmNpZC5vcmcYs9HN_58xSABSAghkEhcKCHJ0YmhvdXNlGLTRzf-fMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi00c3_nzFIAFICCGQSGQoKdWlkYXBpLmNvbRi00c3_nzFIAFICCGQSFAoFb3BlbngYtNHN_58xSABSAghk&dlt=1692216288622&idt=801&prev_scp=pos%3D3%26monu%3D320x50_A3%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D20_BB_notchrome%26hour_browser%3D20_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dtrue&cust_params=page_num%3Dundefined%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1376408646
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5659d03114cf5fe224d600aa403c3c2dbb3f167d841822904aa5fdf7443bd80e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=398680952700841&correlator=2617705411433670&eid=31075592&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692216289517&lmt=1692209089&adxs=353&adys=922&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1200&ga_vid=1630745151.1692216289&ga_sid=1692216289&ga_hid=1713576858&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtNHN_58xSABSAghkEhkKCnB1YmNpZC5vcmcYs9HN_58xSABSAghkEhcKCHJ0YmhvdXNlGLTRzf-fMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRi00c3_nzFIAFICCGQSGQoKdWlkYXBpLmNvbRi00c3_nzFIAFICCGQSFAoFb3BlbngYtNHN_58xSABSAghk&dlt=1692216288622&idt=801&prev_scp=pos%3D2%26monu%3D300x250_B2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D20_BB_notchrome%26hour_browser%3D20_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dtrue&cust_params=page_num%3Dundefined%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2116473628
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3ea127b9fb84b0b96199d67b98eb058e8921d23d3c71b94771071b7b9273245
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12011
x-xss-protection
0
google-lineitem-id
6151851248
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138410129707
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F45 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:49 GMT
expires
Thu, 15 Aug 2024 20:04:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
K2PQDZAXG1J6M3EF
age
311
etag
W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f7c49e1bd3a0374-FRA
x-amz-id-2
5umSE1CRcimV54V9PsckJH/EPigJG/hUC+nOrARJkWlrV578j+JNUqUac2/F9aiNuhrklSosyhE=
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
75075ffee137a54742ed80b6dcc6fc357560bebbaa954c0ce8dee283657c40c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Cojvn7xS5hwx6ffajGjEdXIRV78"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 16 Aug 2023 20:04:49 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.idrlabs.com
location
/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame A4E9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.idrlabs.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:48 GMT
server
Kestrel
server-processing-duration-in-ticks
322472
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
encrypt
esp.rtbhouse.com/ 		241 B
514 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
706a4b7adfb48dcf542e2697e3ec9be788f9a09d61a71dde243b204e6d7b52b9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
a680706dea4f0e87f089555955a694dd
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0d9c41314ce201ce624d2d82c9c55edb1c0fc5af1f2698c25ff58b9b8eacc40d

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
x-server
10.45.9.176
access-control-allow-credentials
true
content-length
60
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame A4E9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=idrlabs.com&sn=ChromeSyncframe&so=0&topUrl=www.idrlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=SlYnRnxhSXVkZy9RQWhPYTc5K1Bua3FTR1ZDaWFVNVF4WG9wd0JRbTh3K3BiTXl1RWhESWt1Zk9ReVFyVGtOTlpsSm9DUmF4dzNlRDUyZjBQODU4bzNSbmJXNFVEY2piUHlRYmtQSFhaa3Jid0NidWVPYnk0dFhKOTVMNX...
427 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SlYnRnxhSXVkZy9RQWhPYTc5K1Bua3FTR1ZDaWFVNVF4WG9wd0JRbTh3K3BiTXl1RWhESWt1Zk9ReVFyVGtOTlpsSm9DUmF4dzNlRDUyZjBQODU4bzNSbmJXNFVEY2piUHlRYmtQSFhaa3Jid0NidWVPYnk0dFhKOTVMNXQ4VWdnejZxOFJTSGt1L0NnQ1M0WlUwZlRZK0NSR2tpbmtrbmFqRVh5S2JNdDl6ZzI3QklrTVFadjRscHdrVFJ2YkVCQkxUa0xSRzFGOCtDa1NaZ1dLMkhPalY5WWVIeEFpcXI2Um1BNTNyVG5MOXNjNkR3d1haYlBCdWNEanNKV1FEVS9WR1MyYkc1NDJVaEswV1p5TGE4NHVucE8vQT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9bde47abff1fd70885dbd37f0eece86adf8f9041b788f713d38625e210d2ca81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1308508
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=SlYnRnxhSXVkZy9RQWhPYTc5K1Bua3FTR1ZDaWFVNVF4WG9wd0JRbTh3K3BiTXl1RWhESWt1Zk9ReVFyVGtOTlpsSm9DUmF4dzNlRDUyZjBQODU4bzNSbmJXNFVEY2piUHlRYmtQSFhaa3Jid0NidWVPYnk0dFhKOTVMNXQ4VWdnejZxOFJTSGt1L0NnQ1M0WlUwZlRZK0NSR2tpbmtrbmFqRVh5S2JNdDl6ZzI3QklrTVFadjRscHdrVFJ2YkVCQkxUa0xSRzFGOCtDa1NaZ1dLMkhPalY5WWVIeEFpcXI2Um1BNTNyVG5MOXNjNkR3d1haYlBCdWNEanNKV1FEVS9WR1MyYkc1NDJVaEswV1p5TGE4NHVucE8vQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
219159
content-length
0
expires
0
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=bf275f2c-a982-4318-a3d5-f99925191918&a=p.l&u=bd54a1fb-1ef4-44ba-ab83-7f8481ff624d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 18:36:34 GMT
age
1733295
x-guploader-uploadid
ADPycduCPurGylQ0nNV96vUn_uJbjJ3YdvZ3jn6Eovge7bcsvIrW85THqWtkura-oH4zp6vGbZsfoBJ8NjsqPlRBeQNjgAQdQRLE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 26 Jul 2024 18:36:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
403546b0fa73838d64209e1b65c0793774de266a05248ddec476ff084cc5bba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11715
x-xss-protection
0
ats.js
ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ 		170 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-48.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a85afb7e1570cd2c7ac5857e79f8af2ecd5a2c9dd05deba5fc1e195fb34a096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
iNNG_4dzPri5pLkdsn4MvlUbOGUvmnhG
content-encoding
gzip
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe8.cloudfront.net (CloudFront)
date
Wed, 16 Aug 2023 19:48:01 GMT
last-modified
Tue, 01 Aug 2023 12:13:14 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
1634
x-amz-server-side-encryption
AES256
etag
W/"7c33194ae1e9d64703ba9daf76065961"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
9sYyFFSVhnujTTAeqUi0rGOV15rXSDu-sxZvbpjCXGm2ER0drRbhxw==
1013.json
id5-sync.com/g/v2/ 		276 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
713139b81c59188eac4579fcbcb0c63273f5d75ee54b78b679ab07c6853fcc2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
geo.privacymanager.io/ 		28 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-111.prg50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 01:27:25 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront), 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, PRG50-C1
age
67044
x-amzn-requestid
54788529-8871-4b47-a0c6-b1f8b9a03f73
x-amzn-trace-id
Root=1-64dc25fd-608a58eb695a3098320a96b4;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
JurfoFpvDoEFeXA=
content-length
28
x-amz-cf-id
0W4oXAgM7oijN70BjP-2yN2g96mlmeuLyZ7UHZmVmySvt7i5id_m4A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:04:49 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame F358 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 16 Aug 2023 20:04:49 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E273 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3932
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 910F 		831 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e00393cbb3eabec3e67ac44c8e83c619b89b3b598e35b08c7b20809816e680d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l8P4FdLQRdHlFzoB3yPvKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-l8P4FdLQRdHlFzoB3yPvKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:49 GMT
expires
Wed, 16 Aug 2023 20:04:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=bf275f2c-a982-4318-a3d5-f99925191918&a=p.f.i&u=FJ401M&d=%22%2Fdepersonalization-derealization%2Ftest.php%22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 18:36:34 GMT
age
1733295
x-guploader-uploadid
ADPycduCPurGylQ0nNV96vUn_uJbjJ3YdvZ3jn6Eovge7bcsvIrW85THqWtkura-oH4zp6vGbZsfoBJ8NjsqPlRBeQNjgAQdQRLE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 26 Jul 2024 18:36:34 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame E273 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 910F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=398680952700841&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E273 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0N-_qg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame E114 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss7ikF6L_-wEG8OPkQrBwqwMEVu_foItl_n4B-bjaHSU89h0-r76AYb1tsDqblT57efs0SKdLICn-kTQ5RqJfWF_7NIxD2GpL_znhLW9QA8kHlSFVNrZsJo_rGbQlZoHQD6Au2_AfYhiEadpGCzADdWe3QCawiesXZ3O4mWJuSbG9qVnTwS6ley-KttcCqd8gRr4Y6DULYqr0yYty3odQsaxfFTO2en9tQ-YuGUAf0n-fLk1g5cfJHU_ikxzudUHPDtFzegP3gxomX-Z9N6fenGd74UOuME8gnuNPisr1bVrhlNNssEdv63-_EaXYSnSmqTroRq4k24wFxJZvHdwPtlPP0apXPqnJB-reg6g&sai=AMfl-YQZoHXGDZf3SSv53a31TWYTOxQ8hISkj1Q45xGRv2_Enx-lwJjSnM66cBpPlbSQA_2vvvLAgXZuDNsrI47lG4JrchslqAe-m4tP2-DmXCJvlmrfK4er05g9FQxcJAp-UZ1-_jk-Tb_cnSNJmgg&sig=Cg0ArKJSzFClYTa1XQonEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:50 GMT
smb-dispAd_300x250_single.js
saambaa.com/widget/gpt/300x250/assets/ Frame E114 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
66aff2c68283a6079a74e741d89f6d31021261276178f2eb15ae9b3041c5fd7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 03:55:21 GMT
server
Microsoft-IIS/8.5
etag
"805ad37b3ecbd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12652
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E114 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C34C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuy0DcvcRZKQ7iS_Rv7GY2hbAAA4Ky4IbEusUUSdHUyMN8UJnc-I4W1k7P5uCg3XIgGEpMpnpj33oGPUS0RtVcca57gpfYMf_ddv2tYK83PuF393FUkfWEXvne27h1iR4QyB9Vn3K3MA-9O9K3-ANvPUYfZmra-PmEviop-1QfuU_GqQBW42uqshop-ztHAQx7RiK33synJhx1ECoS_QZp0k9iVQJAE_WKZrf2m8Pd9LJzgkD8zyi76w7WCh6IxUxX0oZU8o4sUnzar9fXWGPEV4PyS-BzPEiMfpL7c06TCLaIouHh2cyECwCt15irkqTXuE4dvkT52lpPVWEHA05G0L4NKJ2B2hSzld9mkQ&sai=AMfl-YTK746u0pdiHTn6cRN8FFLFsFUFj1mhwVjfQyuBXnvsHs1cCkK5ZpBX9Ku6Q9HNUrIHEdmibgxGTPzJyvkkXgbrMYW0TYEdcaA6FcI2x2But8nGldd3-vfuZFG_nH5cY6kS52h3uGxN6oUEW5DV&sig=Cg0ArKJSzGQ3nU_OhjXUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:50 GMT
smb-dispad_728x90.js
saambaa.com/widget/gpt/728x90/assets/ Frame C34C 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
867b45f6bfe5bdb5e57199a4bddb9115a3e5e122c21541e36334292ee26b93bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:45 GMT
content-encoding
gzip
last-modified
Thu, 29 Jun 2023 21:52:27 GMT
server
Microsoft-IIS/8.5
etag
"80df92fed3aad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12293
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C34C 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:50 GMT
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.idrlabs.com%252Fdepersonalization-derealization%252Ftest.php%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/depersonalization-derealization/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
0M0PA8BDAZB1R2J6RAW5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
ubf5YQ92J0xzkY8hJVC7_vbVwnzGqXerjrDH7fTAEBDN9y78Z1ItHQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&pid=d7cbJwDJZhFQh&cb=3&ws=1600x1200&v=23.725.1446&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_2_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%22%7D%5D&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
KWXJTCZSJSQT3K84SWM4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
e6EUsaodO6ofshcYeNxkhkICOitSC2fMXxXI-OMkqWuJM82wUOhCfg==
mmt.gif
imps.monu.delivery/ 		37 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=bf275f2c-a982-4318-a3d5-f99925191918&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 18:36:34 GMT
age
1733296
x-guploader-uploadid
ADPycduCPurGylQ0nNV96vUn_uJbjJ3YdvZ3jn6Eovge7bcsvIrW85THqWtkura-oH4zp6vGbZsfoBJ8NjsqPlRBeQNjgAQdQRLE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 26 Jul 2024 18:36:34 GMT
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2276b6d1d8-9f58-4ac7-a92e-f3232afccc8a%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.idrlabs.com%252Fdepersonalization-derealization%252Ftest.php%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/depersonalization-derealization/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
VV68SS1GEK919SZN81HW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
dgE4i5LAeJ5z3zNzk4Lw-LWEDNo-iPwfWY2Y_89irStAirI8dCCEzw==
truncated
/ Frame E114 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f387217a1132abf6b1af8d7623de52195e81097b23ee7f39d80bcd954114e20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=398680952700841&correlator=4355791912723335&eid=31075592&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C320x100&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216290150&lmt=1692209090&adxs=805&adys=1155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1200&psts=AOrYGslD2Okd8OSOsbshgT1hhsNrJU_c39kFjL6G1aQrKC0d7wLFT_OJp8gQeqNUO3453YeQue1343EWL8dWRJRAVcE8nQ%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsl2TdQzF7VDjbUnO9IWvPbFECL_rR8gObLST_TwO9tyS36Vlnb3Y30m693g5j7qFNAi13pAbQWojaOlBJj61Nnivg&ga_vid=1630745151.1692216289&ga_sid=1692216289&ga_hid=1713576858&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYtNHN_58xSABSAghkEjsKCnB1YmNpZC5vcmcSJGI0NTYwOGU0LWVmNzktNDk0Zi05NGIxLWJiNmFlMWUwZWIzNRj_0c3_nzFIABLWAQoIcnRiaG91c2USwAFnVTZGWDZuNnVDaUJqOFd6dFdhOEZRZ29mOTdUUHNjYlBWcnhxc2ZmTUpWbjEwWGxGaEtpdDZ2UFBBM09PUDVuM0Y4ZHkzVFRwR1F1Yk81TWViZ24vRVo3Z1ZQWmdLZml1TDFVMFI3dlRwWjJUUzZOVW12K3RXeG9tdjdKQllhdS91OXpDcEdKV2lmVDBKSFJodEI2MTM3U3gvZ2d1SlIrNjFSR3I5WTBIZjIyOXoyQlJJMFh3KzY0eUhvZXFTNWsY5tLN_58xSAASHQoOZXNwLmNyaXRlby5jb20YtNHN_58xSABSAghkEhkKCnVpZGFwaS5jb20YtNHN_58xSABSAghkEj4KBW9wZW54EixleUpwSWpvaU4yMXNhRXBwTUZGVU9HbGxWVko2TDNWbGJVVlRaejA5SW4wPRie1M3_nzFIAA..&dlt=1692216288622&idt=801&prev_scp=pos%3D1%26monu%3D728x90-320x100_B1%26slotNum%3D2%26placementNum%3D1%26directDeals%3Dsticky_bottom%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_notchrome_0.00%26context%3D20_BB_notchrome%26hour_browser%3D20_undefined%26hard_adx_floor%3D0.00%26thales%3Dfalse%26slotOnScreen%3Dtrue&cust_params=page_num%3Dundefined%26big4%3Dfalse%26url%3Dwww.idrlabs.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=995907353
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9b01b84e51aee09464fe69dce90e1196ea7d7310a60775defd32f02915e0c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11291
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C34C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcdc185bb7b777198d396d8f2227dac57b6af4d911bf0cf673d891d194fefdd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
container.html
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B34 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202307190925/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:49 GMT
expires
Thu, 15 Aug 2024 20:04:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame C34C 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 18:32:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Aug 2023 20:04:50 GMT
select.css
saambaa.com/widget/gpt/728x90/assets/ Frame C34C 		1006 B
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:47 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame C34C 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 20:03:24 GMT
server
Microsoft-IIS/8.5
etag
"04e99bf32b4d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2981
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame C34C 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=17664
accept-ranges
bytes
content-length
78875
expires
Thu, 17 Aug 2023 00:59:14 GMT
0
api.saambaa.com/properties/widgetconfig/728x90/partner/idrlabs.com/platform/ Frame C34C 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/728x90/partner/idrlabs.com/platform/0?callback=__smbcfgldr158465
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
570c1a09607544775e1774e1e06496b83106ad6034eaf639e8dab9dcea8a58b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1464
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame C34C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23396
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebp5Ul5l%2FR5DJFmotmnZFnL1BxWA2kv%2BX7xogDtqPORz3zzIlKjnP8ynVVlPWRia%2BrXavRUMnJawIVSIRDPBwhK3YczHDAjohERua23fwbXnRauUy8YS%2B5Wiim6jdA4WA4n%2FCU149TdC87ocl1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f7c49e84fe3915f-FRA
gpt.js
www.googletagservices.com/tag/js/ Frame C34C 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
297bc95664b1b2d90e4be901e537c6b63d4320a3a07c45b60e36961163048426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29044
x-xss-protection
0
server
cafe
etag
610 / 19585 / m202308100101 / config-hash: 14817961918254774615
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:50 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame C34C 		354 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
analytics.js
www.google-analytics.com/ Frame C34C 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 19:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
907
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 16 Aug 2023 21:49:43 GMT
css
fonts.googleapis.com/ Frame E114 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 18:46:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Aug 2023 20:04:50 GMT
select.css
saambaa.com/widget/gpt/300x250/assets/ Frame E114 		1006 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:47 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispVidAd_300x250.css
saambaa.com/widget/gpt/300x250/assets/ Frame E114 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/smb-dispVidAd_300x250.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3b9c1cc05afebe36aaca5962ba895806b4d4439677ad000009879d5914f78b0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
content-encoding
gzip
last-modified
Fri, 07 Jul 2023 18:27:33 GMT
server
Microsoft-IIS/8.5
etag
"805815b20b1d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
3071
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame E114 		233 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=17664
accept-ranges
bytes
content-length
78875
expires
Thu, 17 Aug 2023 00:59:14 GMT
0
api.saambaa.com/properties/widgetconfig/300x250/partner/idrlabs.com/platform/ Frame E114 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/300x250/partner/idrlabs.com/platform/0?callback=__smbcfgldr300x250967756
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5515f75b51681686fd2c196fc33f4d7bd74f3e7bdb4a4d68179a003ec1a0166b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:47 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1467
vary
Accept-Encoding
content-type
application/javascript
ga4mp.umd.min.js
cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ Frame E114 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23396
x-jsd-version
0.0.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"231b-bu7prZXfHly9j0HIF61RLekhwNc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4T3gOKHgreJ2OtpcZUnO2eq1qZeIvZr%2BQNIAxDXO%2BfiMAn0wOpF9NwGnpmtGn%2FZgU8WmkSYLUNJ9hO9XMkD12dOQFhStClDh8Itoto7OM5DiC2YReuOfaPUiC91KIA%2FwZnylAbI9K2e31tmNP4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f7c49e84fe8915f-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E114 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd3ae87ff463d6fcd9f72f363cf6e2c24ed2221b334063ebe27d2797789044b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29044
x-xss-protection
0
server
cafe
etag
857 / 19585 / m202308100101 / config-hash: 14817961918254774615
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:50 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame E114 		354 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
content-encoding
gzip
last-modified
Mon, 17 Jul 2023 22:48:25 GMT
server
Microsoft-IIS/8.5
etag
"808288cb0b9d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
115053
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame E114 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Wed, 16 Aug 2023 21:04:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 008B 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIYwZ7E6AEwAQ&v=APEucNV3O_lXxqq8XG0KEzQiIYiRn9fGzJ-unrERbrz-sPqNCXRqJYGn15Hx5LLoJRTK4tbFj2r1i_KmaZ7mIPSP_ZLz62Bh9gis_7AHjaBoO6IxwEM_lb8f_vJvjvTDTz3TM918vWmA34LHHr-Vx1TZeeJluDWYZy_K8k8wZeob5Zfzzib7vDz2bm-Re381MTXvnvkbQrao
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1B34 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B34 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHRDFrI4FszCfwZO12ZueiqXjHdUjs2RFN2P2Gl6cYo62M0cgqVmtIOs040VBOApRAWm6uP_YniLuZXmP4SyYsY6nod40MGtIH8lZOyRMKjJWBwqk
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B34 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9629528392576996133&x=1&ct=76
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 1B34 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
5381
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 1B34 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5380
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:10 GMT
l
www.google.com/ads/measurement/ Frame 1B34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQ113pBo4hqHKKYIuhX7ePO4WOk8vQb9KQYXcIQ1s3HXjLRn4IXlVc9JFGqtcktRghXHBkdApWXRH3ZQrkE8vUnr6fOQ
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1B34 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:50 GMT
pixel
protected-by.clarium.io/ Frame 1B34 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31h7vv6rbs&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERBLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTViZjVkNTc0LWI2NWUtNGJjZC1hYTU1LTAzZjFlMTRhYmRmMl8xXzJfYWQifX0%3D&cb=862298&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.16.86.227 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-16-86-227.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=398680952700841&bg=!n5ylnMjNAAaiGN5Pghg7ADkAdvg8WphQk97iNYy5SNn9df4PJ-Y0BObt3NU0vaevmlyGP1_kNjosIPi470kbM3ok8J4zS4eTqd0CAAAAllIAAAAHaAEHmQLGb38MmyvVPIi_Ae8f8cEtwHZg1-Nv1ygQW2rxih7XveN5OFdkyRykk7DuYBnKK7aPl4rUsklNj2WK8CidipxR1tm4-kydbCWsvZ4mCod4-v5QhTo2aanqXRrfTJ5McWPeRWcng-PXuCJ94gxQZDA6FsyjaA1ViXg1ON20ndr3G7Ef901zPjs_dlOPOST0DMcN-BJ3pjpb09biIsB_bg8219e5iRdJ-BFyI7h9o5bRgwX_5bG5nudmAu6icpihVwTlEd_7MNYKO1Qfdt7V7-rcYcYuRRqiW3pyz3_sCStqNta28N8GFKkOjQfE784pzQve397ePGZFfAJLT1NG-2AXKBcZ14XKU_-jNpC-kXfUSJV-cPZjtE9vIM4EmMa81cRSF4Z8sIRsatatCXkJlsXRH2QXIejKUHqoW_NWpARmz7imgu4GwelGgc4FR9HpVTwyuo61beGTGL_f_tSXkcKQOPnmd9GJdvKA8-bfvv7yDHs1esJDTMwKg6WSbEkwqyDlAvRl3hhRn_TqACe7smoqRUwe72TwUry5knkksmpk19rqiLXGbV_o9cGzM-e-ztokzDGWe-MoSmxKOHhqFCrO8RoEM2b-h0euDE5yEjoUP8AS9gDZzBLjij2Z6zYPWL-SdaeitD94MNN6nMrTcuqaPvf8fl32eX-6cydQ4xqnaHWlVpDeiiILXjYSFGbwvqPbaRxh0T67OUZ0IrDkz_B5DewMh-QfFzjzlt-_RqBQjUSnOk-yfMb_2EgZTfKcYY44hPYI5znxfTq0jkauoHc9ZD97Bsy7wTLe6Lu6g1rsbDFGP7Fdfkmtl_4lC7t8L1qJfbkKfYseVDNpc040IbXVk4YIboae9BYS7bNb_XVvhOofEeSsAI_fLHIySts7zgN9hAcPr669LLLJXI51WgtRFWGQt3sGlkiDxZeFXBjNnONMHyfyF7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ Frame C34C 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 16:55:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
11343
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 15 Aug 2024 16:55:47 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ Frame E114 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 14:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
19705
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 15 Aug 2024 14:36:25 GMT
rum
dsum-sec.casalemedia.com/ Frame 008B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIYwZ7E6AEwAQ&v=APEucNV3O_lXxqq8XG0KEzQiIYiRn9fGzJ-unrERbrz-sPqNCXRqJYGn15Hx5LLoJRTK4tbFj2r1i_KmaZ7mIPSP_ZLz62Bh9gis_7AHjaBoO6IxwEM_lb8f_vJvjvTDTz3TM918vWmA34LHHr-Vx1TZeeJluDWYZy_K8k8wZeob5Zfzzib7vDz2bm-Re381MTXvnvkbQrao
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuOHftOYJNn%2BJUfXOwPfPjcHF%2BPxZgny3PYo%2FyAm43UzZvKI2nE59gduBYXU6ISeTxulcBOzra0bo5GAuMuZ2soWR5omtS1%2B8st0qIGw0svCEK2XpRCRcaAKAFWrr5T%2FdPjpmWOrKSfc3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c49e9fa3c37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 008B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN0r4gzkfLKSDsPHFf0tggAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIYwZ7E6AEwAQ&v=APEucNV3O_lXxqq8XG0KEzQiIYiRn9fGzJ-unrERbrz-sPqNCXRqJYGn15Hx5LLoJRTK4tbFj2r1i_KmaZ7mIPSP_ZLz62Bh9gis_7AHjaBoO6IxwEM_lb8f_vJvjvTDTz3TM918vWmA34LHHr-Vx1TZeeJluDWYZy_K8k8wZeob5Zfzzib7vDz2bm-Re381MTXvnvkbQrao
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVarU1YRzMUTgP6LLhPdWiQv%2FhQ6lO5sUzTd%2BVksSDInANk4q11cJFm9Nsc%2FCHzZgm42YNmnvPhSOTLkB%2BNPcuzfyxDeJ5IkOIW1uRRZ9KwlLLCyFo1xs%2B22lb6tUg06k1mZYuhD86fgBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c49ea4ab637d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAoOaF13EdtHBbOu9mznteI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 008B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBXXuZvo6KDzs9qz-62rYuw&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBXXuZvo6KDzs9qz-62rYuw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIYwZ7E6AEwAQ&v=APEucNV3O_lXxqq8XG0KEzQiIYiRn9fGzJ-unrERbrz-sPqNCXRqJYGn15Hx5LLoJRTK4tbFj2r1i_KmaZ7mIPSP_ZLz62Bh9gis_7AHjaBoO6IxwEM_lb8f_vJvjvTDTz3TM918vWmA34LHHr-Vx1TZeeJluDWYZy_K8k8wZeob5Zfzzib7vDz2bm-Re381MTXvnvkbQrao
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
an-x-request-uuid
94e25fe7-cd3b-48bf-80da-750e53311fa0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.136; 178.162.209.136; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBXXuZvo6KDzs9qz-62rYuw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 008B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3MTg5NTM3OTY0ODcwMTkxMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3MTg5NTM3OTY0ODcwMTkxMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIYwZ7E6AEwAQ&v=APEucNV3O_lXxqq8XG0KEzQiIYiRn9fGzJ-unrERbrz-sPqNCXRqJYGn15Hx5LLoJRTK4tbFj2r1i_KmaZ7mIPSP_ZLz62Bh9gis_7AHjaBoO6IxwEM_lb8f_vJvjvTDTz3TM918vWmA34LHHr-Vx1TZeeJluDWYZy_K8k8wZeob5Zfzzib7vDz2bm-Re381MTXvnvkbQrao
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
an-x-request-uuid
579b4437-0320-406c-aa6f-bf9c2d4dbc31
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY3MTg5NTM3OTY0ODcwMTkxMg%3D%3D
x-proxy-origin
178.162.209.136; 178.162.209.136; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B34 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5616038927925&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B34 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5616038927925&version=m202307240101&ct=76&x=1&cor=9629528392576995000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1B34 		93 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnA1myv3QtJcQDYHg1xpjc3YWAG4TF7rU7gH_tG08HFc3EeCOK4vt_Y38oaY7Njr9HPi3cSa3YrhlViKY3tHQO3U0wggFp7JXd0cNtu6a0mQck2Uwn-nCuxGcxv7MTeujxQlVy6esdccVQQDNhqZ9ODZyFmbEnvAS92HdII5pCfupUWpI&dbm_d=AKAmf-BVxv-xltwZaY0Pc2hZEIssdZZduq95XnMvCd-HRLCaJf_QjGkhD0aRSSyn6PU9QGb4s8DD33bNU9ima8DO95p_JLhLtc3C3qO8Fi3W-xjCLK05wpz56kJUkJ5JN761e1qHE6DmunXG-Ez8uSSDkGOgovWRBU3hkUh1oHitZ4j8HkYgPb_sAswHcPjdcxwGNa7pDu9uEIb8ny6Xu2ma8goZ-YDzQ7NILN-lS4AUd-rV4aVh7h2CQ-UMNeH9oJHY5EbfPm-wup-BHNlen2KNx93ADG8fTqX2kX_xFdbZmhsjAEdlNbpAT0ERkqsrVGH4cABULNaggXodpykXGwI77ggR443Zi1x-9pkH2DsHi7u61TsBGe_O7SapWjf7rDLfb0gs6aE6evepj_0w1uIMUhxcab2tyTDO7IaVi6UQQEufU_r5q7aAY5raY-VPqImHe22yEKqqpPsUfmvmpxg9qmOiwpBJCMTfap65ZftujbqpAk44-AbRGBV_KnS8tYPj5V0JbZDWuDi7snEPCyI57UOIaCT_TGHlrxb4B-zfTWZt7NwpvTaYd1SQrxu_psXzrK-RbRSk8gK0Svn0D7VT89YcN2-lSzR6S8iohyrfDl2jdRNC3vcvZJAXHUAHWfC1WYraUWRnswAOjoRjGzFGwpZkawgIcYKnnT3WCDy0Eq_GtInK1qfjn2aV3tWGNxR5SRUclNkUdIfWIbSv9uylhLRBmFjfswoJG-mLDrFN3ACVxU0N3GP171mp1cbSog5MmFojrqnRzOyMrkHIGmu07G1qudy1DglTbWD6IU7Cl_KqgtxEntdrh3CPWgQOYqP8pKeJv9KPd0jixctNZEthEtWb_aVJpRY34to6Kto2pGKzG8Wws3Uj1qKbLwkrWYJlnhESLD08AfsyCPi6kD9nzM_xyIMlWeqRkeGe7RTSmK_p-PpAdqJ3xlwewPW4h6_8dztOaQLpCyvY5ROLzBfZQpR2OcWBACoG7jqLOR1-WvH-7x3vdjw3rW_ODskxTypDx4zwW8yVnJJkRbydz9GuOteiMHpDg1IDL9VJPXyo3qZGi55ahZu1LxXlHzqfT5vLn88fwaa4Ol2zL4rs99_Vu2cB7QHPRVvdAx8S4ophXDsp_b0s8ta8zD2TDvovem01SjP7JnKbPOa8ulA7f_VsOwxEeRZbGF7kj2Um8repwno63AH1ovsfx_PXqd-rJfXrK5PC6avzlUM_dpOrph8T3KR7E3dksiTfAk50fxsCorJP-sf8ZXAa8K5dAybVQBrWSEgUxVoJyI5-ZKCV0rA7PiehELwLscbw0lHbGw3kvAd5ITNwZ91Bh-SpLaHS7kCUW95EoPqw9S-wC-3Am1FdP7rv6EFoeTb9H9whMTfuzpSsJRPP6ANwASXUQYVPqzgZHzTTZwfvjMbW6ruozByBy0TkNSc3b5dQPG1Jiyv7d0n7624sIYSXTq3ub-w5Eu0zLguVilvhUeKL7zGnSMcae97my043lkNC-uRL2kuelxZFzanrkwp-5_RQ-KzD-oe0VyXE_E0IUI9gl_BLs9LEONM9YrhSwtybyTKWmOKTScsDqL4zs6bl10RfnJ8TMN48gea109G_vOJzQP7BRpOoienRnqoGAfoM21oX5WOYluX44G5-bbCrT6McsOuJP37siI55E7_RvynRg9nWr10ABs72-m5Xfd_WpHBqdvZkRHIDjqV8WCaoO3W_K_flUdOO6TYRVdp43554hkB0kTp-v0KUcBSVRTJTzfBfVBkwc9aPVT_ppJn9P4BMiv5RCgkYEPhrQof_hk7hX0JEWX4E93togSrVREFTX_-xVoX2hVVBw_HIjHHm_YbYijo9cy7kqDHfPiGlFwQwqA9rfsYYXha1TeZynQmnAb16Kg8uKONtMUqsFw2Gleo5xCeQ9auzAyS1vWakBWV88U0tkkovE-slU6UklUcCGfXeYcnMxQul3QU69cZBnhF3r7-pcnB6f2qc20MfEPCueteNBWN5lRHUeH03e1RWWI9p_kT-ptGv89YjpB0n_uutJlVcXrU0wTzkBQdArAbVmaiW7aJLTxgNqWTtc339cKymGhGUkg-7lXhYzE8nJaueXbZrNfdAehy4gDVyc5fZFSqVXsMFDmdw_HSusVpveTbdTzaBVG7EmRAncixlWIWGwF6votDQ31vnqHEa8GOKAfcOO4u3c3wTjnWpFjvvy2kRqnoLxwEwlIcQ4WDaTrqDS3tSQeQ-h64hwZSULWFeek_9eQYWsAWV0QC3DkHnkyCoGaHCf7Hoi1l3wtBZa0cPzyaui8ww8k3vwQWjoIvattTgtO2U-msAYuYzdGdkhqRrFmDHtz2pfKhPA48IF02qpWQFVJweOHukLlASg13B6L2WY7ei12RvFFCsyUpjQeFlibzEtTU99pBZU5SxyWIipQo-_cyuNPVk8vcpI9QYPZqkeq7EDlGJSmzUU83eqRIOEvi-vGQ0mQDWi8_XXiCMm1qZhg9vwJnrVXb2ElkLWFYdol5HB2Ptlgy3ZxS_S5e5MTXhlcTNldzxoEFzp2kKolDv2PQvnPxBYl98N5i51cuuLseWEOnRobsPx8yZAMUWZGxXcETBD4Rz--uGeXXqSUKfYJ2606Q3xMtDSEQ7XKY_j5qXM0y7gfX8mLgwN5HqeAbO4mKfdtK0ie3Cyd65EihhVbaldmioD00-JuZV2z1k6LbQ2c37JMtfakrONWAKKFjiEh-hSr85hw_GsMkn9yRZvLrNXN7V0ZO5fToT6gjNgxIB-9wCkn9Cu-LUh7yXznI5T-aWl1G3n-ucL2YVpuu0JnMN6vXNYj4t_3quz7l8xm5zszwge4pjNNfeQdg5_pulaplSLPodcGEeyF8tQQbmbcWSzIKXZSptdlPQUCQowu_DnLimh9a2KyyvgZuuHSj7vtCRRx77ZMCQIBF0Fnu9G_HM_wxsW9u8iJ1PWD0UsIZDT8byGmYasve9EKfE5Ajocc0Ogf8IcOfvLgP_995jXM6RJEyBUmkSzHAC1434u7k1yXxC9uo5DrZ2lqvDX2Sd36ev0kltA9DOOFmmddGl-Sgb9kc9mbPvYWyImNkbVAaF9fTe5n8k0NrzSiHA7AIgbjYIzoAtDGg4toUs2afy4zeXHs-2A29aIzC5fh6EYki6ZrjdzGvasu-9lSWNcFLRzdd2Rjrfa_y4PaAAnPC-KALUE_w5B1JQx7YwoIr-aelc-PGaVCcHnQuTp3_SsbR99oP0AT5K8eVFG6-_JOu0dm1IRWEM4BVDyWhcNe4zsNze7q9ZvemqNzrtw91eGbkymC7sklb_0Qg97Y52kyRwIHO6zRaaUoDXqC3_7qgWbyWOrCNHgeKoeV9Zq_vwEZphWr5YB_Gn4gseWhBkQF_6iCaHNFHefxA98NZNCJ8iwVI9sEcn_7_5AjZ3-LBwNmHfG6V5xDBnvxwKpAqGBYAA_UYXQdualqgghqtuBbfm3tGSEv3FAiRRlad2MMnXkWYSGTmaZGk1S63CnyrAWtqtDnx_Qidpj3QRxLU0nVLiF6MqSbpfx6cu6K0qQHgLoYiWaBA4IXIXq_wSPLYsTwpYx9agjEZkt-fhFMOI1KBdEA7Ja7FLvjVBLp9tp7_s6MdhwwVfZz0fhaSJZf775KGCfPoJgH_VI7sLit0C-MSXI1Ze7M-eaFU1QBudHhb56tsoZSRrXB04bCCe4YZU96zJWiFS3V8r5Iw1hxOJM0yRbsehmeFRJQeZbtzgYe4U4hqjMV6cD1xs6fDhLMhHNQw0qt-47lDNJKsd&cid=CAQSPABpAlJW7gDUXIk53B-3UjRsRBlvMOdZCNeNMCB6r2ec_KPl9UGMhvUFR7rNGJaKyHmAhqm9XynJ8_TrSBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2F&ds=l&xdt=1&iif=1&cor=9629528392576995000&adk=3690638929&idt=162&cac=0&dtd=16
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67bdba8af09c1f4149f3b080551406847b0dbea8134b6fce5b643b17f71fa5e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38834
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1B34 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
Origin
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:22:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 1B34 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 1B34 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1B34 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1085 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 09:04:50 GMT
etag
48472445140208031
expires
Thu, 17 Aug 2023 09:04:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1B34 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c0f0c7acb3e2d4ea5efa998f04bfd00c0fcc138ba359039c129b9e23622f7cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
quant.js
secure.quantserve.com/ Frame C34C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 23 Aug 2023 20:04:51 GMT
op.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame C34C 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52d5d4dc993de73cdd70e941b617f0c5eadf1311b80402afbc136719c71656e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
RCkMza_2GVMW.wrpeSZ39qvzclC04Iyf
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
date
Wed, 16 Aug 2023 20:04:51 GMT
x-amz-cf-pop
PRG50-C1
age
8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6843
x-amz-meta-git_commit
ee4b1d5
last-modified
Wed, 16 Aug 2023 18:37:45 GMT
server
AmazonS3
etag
"bdc5799405009a58665dec16f9b9a55b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
xPaZx8c-7hSP2BcL_er-FtLlfrNp0M1vWdKIBqdvCD4SluNqxNTSlg==
0
api.saambaa.com/post/storyboard/15006/market/ Frame C34C 		537 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/15006/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0f6a59a0e5b314c46225b4e6de83476edc6123fac80a5ce8b36bca16bbf448e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
content-length
376
collect
www.google-analytics.com/ Frame C34C 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2127888679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dp=widget%2Fgpt%2F728x90%2Fidrlabs.com&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aEAAAAABEAAAAAACIE~&cid=1474646508.1692216291&tid=UA-253383216-70&_gid=986809698.1692216291&z=1782409333
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 09:25:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38356
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo-saambaa.png
saambaa.com/assets/image/ Frame C34C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
last-modified
Mon, 02 Oct 2017 18:02:46 GMT
server
Microsoft-IIS/8.5
etag
"39e0e3a6a83bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame C34C 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:47 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
quant.js
secure.quantserve.com/ Frame E114 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 23 Aug 2023 20:04:51 GMT
op.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame E114 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52d5d4dc993de73cdd70e941b617f0c5eadf1311b80402afbc136719c71656e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
RCkMza_2GVMW.wrpeSZ39qvzclC04Iyf
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
date
Wed, 16 Aug 2023 20:04:51 GMT
x-amz-cf-pop
PRG50-C1
age
8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6843
x-amz-meta-git_commit
ee4b1d5
last-modified
Wed, 16 Aug 2023 18:37:45 GMT
server
AmazonS3
etag
"bdc5799405009a58665dec16f9b9a55b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
hR2GQRAsY2jEA_0mcWK0tvl1G2yDtMUDqhm7av0f784U_FteYeXr3w==
logo-saambaa.png
saambaa.com/assets/image/ Frame E114 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:47 GMT
last-modified
Mon, 02 Oct 2017 20:10:35 GMT
server
Microsoft-IIS/8.5
etag
"22c03482ba3bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
0
api.saambaa.com/post/storyboard/15002/market/ Frame E114 		541 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/15002/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
014c7e737f5d8030f00cd80d58499ce60f401e30a092cd840cd2ee8bb4af66ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:47 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
content-length
377
loader-dots.gif
saambaa.com/widget/gpt/300x250/assets/ Frame E114 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/300x250/assets/loader-dots.gif
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:46 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
collect
www.google-analytics.com/g/ Frame C34C 		0
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=28586916.1692216291&_npa=1&_s=1&sid=1692216291&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_728x90_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame C34C 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=28586916.1692216291&_npa=1&_s=2&sid=1692216291&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&ep.pv_widget_type=728x90_desktop&cn=728x90_desktop&en=page_view
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E114 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C34C 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/g/ Frame E114 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=374981310.1692216291&_npa=1&_s=1&sid=1692216291&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&en=smb_300x250_desktop
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ Frame E114 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&cid=374981310.1692216291&_npa=1&_s=2&sid=1692216291&sct=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dt=&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=0&uap=&uapv=&uaw=0&seg=1&ep.pv_widget_type=300x250_desktop&cn=300x250_desktop&en=page_view
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@analytics-debugger/ga4mp@latest/dist/ga4mp.umd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5D55 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1085
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM3vP7NicmNwQ5hf513uMNE&google_cver=1&google_push=AXcoOmRZaI_PSlp6VYADTo9-WIig-o3hx4eEwr9GGEnOKvUdOIbZVz3LAert2vVJ154XwRxrqZg4mNEd96n...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZaI_PSlp6VYADTo9-WIig-o3hx4eEwr9GGEnOKvUdOIbZVz3LAert2vVJ154XwRxrqZg4mNEd96nNlhp83A3Q1yov1n_U&google_hm=lNURLLl9SfmbtxLiF9F6aog
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZaI_PSlp6VYADTo9-WIig-o3hx4eEwr9GGEnOKvUdOIbZVz3LAert2vVJ154XwRxrqZg4mNEd96nNlhp83A3Q1yov1n_U&google_hm=lNURLLl9SfmbtxLiF9F6aog
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRZaI_PSlp6VYADTo9-WIig-o3hx4eEwr9GGEnOKvUdOIbZVz3LAert2vVJ154XwRxrqZg4mNEd96nNlhp83A3Q1yov1n_U&google_hm=lNURLLl9SfmbtxLiF9F6aog
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1085 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELpv8IV7UNWot0ZsX_3h_VQ&google_cver=1&google_push=AXcoOmSnoOG0upwZD0GBEUF1hkJQuP5LRcHkKDPHHO8FFRTGdSxPqpzk36llv7qKcoVCF_uOuN11SypJv2vAPIPwSfow_O0NXZti
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 1085 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFjJ5JYVU4gBKA92yKj7bkg&google_cver=1&google_push=AXcoOmSzE-U3Mlxp_yH1dU0BkHS0sSIRqzv5Po4Tc_dBvU-hbOFPkrDNJU5_puPzZvZskaq_0Ibm8wPMVTaML2OZVMdIVlfnPn4h
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.183.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-183-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 1085
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELsyprVh7Q2-M5pGVFqW6b8&google_cver=1&google_push=AXcoOmQfpUhsIIhMNuOzx86f6UMS5F4OQaYeou00beZcMKtmJko7yjdd13KpSC-3LmG1knZI7z_QvjxbvKX91DHWc3golts...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQfpUhsIIhMNuOzx86f6UMS5F4OQaYeou00beZcMKtmJko7yjdd13KpSC-3LmG1knZI7z_QvjxbvKX91DHWc3golts-UC2E&google_hm=eS1MUVouUDBWRTJwRVdFUH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQfpUhsIIhMNuOzx86f6UMS5F4OQaYeou00beZcMKtmJko7yjdd13KpSC-3LmG1knZI7z_QvjxbvKX91DHWc3golts-UC2E&google_hm=eS1MUVouUDBWRTJwRVdFUHdPQjFhWnQuQlZER2FGTzdRMX5B
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 16 Aug 2023 20:04:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQfpUhsIIhMNuOzx86f6UMS5F4OQaYeou00beZcMKtmJko7yjdd13KpSC-3LmG1knZI7z_QvjxbvKX91DHWc3golts-UC2E&google_hm=eS1MUVouUDBWRTJwRVdFUHdPQjFhWnQuQlZER2FGTzdRMX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1085
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELeR_OpyVfs4svZftOzUvNE&google_cver=1&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e68_9-...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELeR_OpyVfs4svZftOzUvNE&google_cver=1&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNzA5OTYyMTI1MzY2MTUzOQ&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e68_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNzA5OTYyMTI1MzY2MTUzOQ&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e68_9-N5-P2uWNNrDeWgFWPHoF
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExNzA5OTYyMTI1MzY2MTUzOQ&google_push=AXcoOmRM9GxIx1GtOXS6PyTA1-W9K9LTIx-j4a5XyrQhRuQIUzrf3VOkddl0OAFqsSpL4QzP70e68_9-N5-P2uWNNrDeWgFWPHoF
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ups.analytics.yahoo.com/ups/58281/ Frame 1085 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDjgcMovPDEKs1JttHOZAUM&google_cver=1&google_push=AXcoOmSzY1ki8A2txfwPyHJZ4io4XHa_c1on7_STGr0tg8nCrwwHKrPvtGYAXyOZQ7FuTJZBJmg8bAxk1JGwu_Pi9NqYurssDsxUoQ
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
report
sync.teads.tv/um/ Frame 1085
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMp-rI26M5Bq...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT6NlQHB2MnRrppy8yMkun_lB2agKZRnqNGugd099ePMHnGjjJhuAOOJQcLUwnYrx8oBVddPLNphtedZX_fFxKGVB0k4Xdctw
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 20:04:51 GMT
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1085 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpeK44CGnbQQRqmJoylUPh9aCh-Sx9D4RQxExRz_XigyldJZSHaGtKmxUxW11BQr2yXp6_3fQ
Requested by
Host: 07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ai.aspx
m.exactag.com/ Frame 1B34 		43 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20031722621&extPm=20031722621&extCr=487657281&rnd=3503752653;
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 16 Aug 2023 20:04:51 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 16 Aug 2023 08:04:51 GMT
X-ET-Code
11
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1756
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 1B34 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=29888664&sid=7332272&plc=365692481&num=&adid=&advid=8120183&adsrv=1&btreg=556861384&btadsrv=doubleclick&crt=191392068&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a191 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
734e4e77659d53332cdae68d2bf9250a05c6bcd238f3f6faed68d46395e7cb48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 10:14:26 GMT
Server
UploadServer
ETag
"cb238d58198d6f5a3d07306f22b92636"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3501
Expires
Wed, 16 Aug 2023 10:30:13 GMT
csp.php
vfd2dyn.vodafone.de/csp/ Frame 1B34 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1779&r_id=htlp
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.144.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-144-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
index.html
s0.2mdn.net/sadbundle/2056398398693609949/ Frame DD9A 		124 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
606e3fad8326a187396888b4e2f3ed04a2dc56679a2b1f64be37f73c4f286f1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:51 GMT
expires
Thu, 15 Aug 2024 20:04:51 GMT
last-modified
Fri, 14 Jul 2023 08:28:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1B34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvi6C9CAVQzDgNN0giGJGDqd3RHzaZENRoTVA8niFsMIM9hgfHRJymHBtnCH7zgAE3wzEq9UWSng1QISIJG6FZplXK-v_otv6iq-6taO4kdQQeAlfqa_0fuiI0bfFVeeVCHKMgFbhvSTdsOPTFkXaRiV_pifEZhv3MwyCNBjh7p4UISMpyoYx41XlONCgtJWCPwtMBPqPQgOsFMvj8x_UFCH2nFLmVIvYt4va-pvfsISHeYBxiC0JzCqMo-cdkRcRo5i4Kcm7cqSW0gf_8i1GsgapU2nkALQkvtCiXOKov11bULvCeFWR9Rxop6HSHP7ShENMmItvcc4qkrQAqdyMjeOg29NXytq2gsZILJB4EuJhtA3S3GzTnjbRq9h4uQArL8p2ekiWviTVgsb2FrE45jGI03ru4-qZUf5hbGazuEQpCdZZf35uBWl_iRSO-Q7Na-oMiy2AHWGOrNuMPOgEoDthWtni3SkI-1MoaEiQf-8ck1bMeqClwKgDpb3nTZWVv51Fu6jn5tPsU3RFuMhpPZrFFXtrW07RcYrvqdkW4Yp6jELuUL7PA7tsjNzvova9vaMW1tNkeACcqMkweIz00Im1Goeje6GF_Ga4ea1KSwdyRDbDELkvOnwlpFCyK0tTsEovKtZxPePMT5hi32IrfxpcbbExpowjM-BT0eUECI947rnyHwG4plGhGZzhD4ZuyDWWymq6kFSfpkhNRLokKrdZ8pOofcz4-c1X2ZxTbcx2GJdOBNiR1UdgtwbnERAyQ2BXXrPprWWarwKI5BYzbwLZRQA16xpRAn8qgRm-Wlw0S89E4fKImoAC93j1q1hX8PmfBBbltkJ4ubTIAXrPQkbWlR2dhIBRMgW7Z4AUE_dV8Jp9oEXGZ-xFdS-bkwI9EqyB_2Jmd3rZbrEvyip83eb2B9cAJACKxA9_mPdIURqj7sbtd8yMv2_E3U9oBMSExfSQcvEKwnxcSKGNTevhqZQNw5iupG1VYv49ZiVVIHGmKZCelBQKLKePZN74UfZz5BdozNiRmrvpiUIoEhetL6z0a-3-g3zXkXFDn3o8HMWJL5g5wWLAFULbLjS6l-CZjNDI50Hcc9E-IpRvGQDJ0MA17vwXsL79YJ6_AFI_sjTkKLs8tbWTFGxcqvP__JoE0rvCMgj02CrnK4Fhev3buskqaOQnynqZ9-n5hhKMHZXSS53NDyp7yoOMy_cvSHtslOKPDJqiCaUf-PFE8_0xZpdCI5ONoUYwj5y8DLjVwbTX06ldl9q5kNik6jyYWPdp264f6YOGmavyPN8ou8LBRFBl6IRKyetJcLji0UrtsSK06AHKIz2b0MoDdfsUGDq_5K&sai=AMfl-YR7r1IlAWdnzh1ql-PgZRb_-tEYSGFjYq5ZI3alomze6GIz1A0dbGWOEW0GnFyRQ5T5ZJ01zcXPGIcC1lb6IdbTs-Sce-vY1gYMD1PGID-3e-LTBUr7_lCisDBtd8CumixbKr_yE6Qb3kFZ-4nugGiyXhL40pPfEtVV9U4pGT1ZibXGufCvov3a8JI_5NReo3kv6Mh070lvHrRzOkmsUQ5vYU7MzPbG-qBZBvJuKNGob9qpgu-d8dXPCx_c9GZQyuJFF8w&sig=Cg0ArKJSzMZM-KOjizDbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=130&cisv=r20230815.23541&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:04:51 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:51 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 5D55 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame C34C 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:43:59 GMT
via
1.1 85d2219c335742c82e7bf84433bc3256.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C2
age
1253
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
w4Q0qqtMOoLzGcXJgInJ8sSwbKR30ybER7cMKW0mBy-4A_JDUg2bDw==
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame E114 		160 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:219c:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:43:59 GMT
via
1.1 85d2219c335742c82e7bf84433bc3256.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG3-C2
age
1253
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
dsP12CTBT-ar3UzaSJ40czBjpUf_N1knAFbcjffsyrrkVckD2a8JsQ==
Enabler_01_250.js
s0.2mdn.net/879366/ Frame DD9A 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 07:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44714
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 07:39:37 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame C34C 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
J6lKTiH3vJmyIKDqDRtoNih8s-naSgDK4LHgwXNDVxEtJO1bjr8MJQ==
bl-0211e21-432e39ee.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame C34C 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-432e39ee.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c119d2ad7cd2fb23e28e972882ea1df524336068f1d9dce11dfa25cb0c10124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:57:34 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
KJNOFQ4cor9tQ3oquej3Jr.xW9DWpvCd
x-amz-cf-pop
PRG50-C1
age
4038
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29071
x-amz-meta-git_commit
0211e21
last-modified
Wed, 16 Aug 2023 18:37:11 GMT
server
AmazonS3
etag
"ea49262f3f1d76ec09e9d58914510d14"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8E8LwwkfYrGJx-fGsHCDmxbNcjEzflLDxOBOXYu8XbOJDiLJBoCNyw==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame E114 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468120
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Q5mb1tl1cYEkVcmxK05Rnkf9M4dl-o3x_z5Sm-NX9O118gzT9tr-Xg==
bl-0211e21-432e39ee.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame E114 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-432e39ee.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c119d2ad7cd2fb23e28e972882ea1df524336068f1d9dce11dfa25cb0c10124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:57:34 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
KJNOFQ4cor9tQ3oquej3Jr.xW9DWpvCd
x-amz-cf-pop
PRG50-C1
age
4038
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29071
x-amz-meta-git_commit
0211e21
last-modified
Wed, 16 Aug 2023 18:37:11 GMT
server
AmazonS3
etag
"ea49262f3f1d76ec09e9d58914510d14"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
RKRoAEwlMVydt-Z41C1Lc2jfT8wzlMaaBK-LOsr8PejjBwERGTaxcA==
pixel;r=402170831;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.ph...
pixel.quantserve.com/ Frame C34C 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=402170831;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php;uht=2;fpan=1;fpa=P0-1259323154-1692216291200;pbc=4953a91a-1066-4482-83a5-44ad63a84979;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=idrlabs.com;dst=1;et=1692216291309;tzo=-120;ogl=;ses=b1e1dfa6-c13e-48bd-ba90-ac73a4abc3a2;mdl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=2029088467;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.p...
pixel.quantserve.com/ Frame E114 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2029088467;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php;uht=2;fpan=1;fpa=P0-1452886255-1692216291207;pbc=4953a91a-1066-4482-83a5-44ad63a84979;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=idrlabs.com;dst=1;et=1692216291311;tzo=-120;ogl=;ses=b1e1dfa6-c13e-48bd-ba90-ac73a4abc3a2;mdl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
dv-measurements4496.js
cdn.doubleverify.com/ Frame 4824 		420 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4496.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:6::17d5:a191 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0cc9b4bb76dff3c442af0823bab18c5d0500bf5a4d017af91beede311161e0cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 07:19:02 GMT
Server
UploadServer
ETag
"2154cc44d6c58063467ceae5fbc0bf65"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=946080900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100536
Expires
Thu, 15 Aug 2024 07:19:59 GMT
woff_vodafonergbd-webfont.woff
s0.2mdn.net/sadbundle/2056398398693609949/ Frame DD9A 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2056398398693609949/woff_vodafonergbd-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd499bede79f0a3e8eda7024e1345385ea24e72ec31bdc17ad32be9dc53f06cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 15:25:28 GMT
x-content-type-options
nosniff
age
448763
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27512
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 08:28:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Aug 2024 15:25:28 GMT
woff_vodafonerg-webfont.woff
s0.2mdn.net/sadbundle/2056398398693609949/ Frame DD9A 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2056398398693609949/woff_vodafonerg-webfont.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a5805cbedcf948d278d97131f1864f8e4b6a7d746cf129efd35cc4d85d2555d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:00:04 GMT
x-content-type-options
nosniff
age
57887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26392
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 08:28:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Aug 2024 04:00:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1B34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvi6C9CAVQzDgNN0giGJGDqd3RHzaZENRoTVA8niFsMIM9hgfHRJymHBtnCH7zgAE3wzEq9UWSng1QISIJG6FZplXK-v_otv6iq-6taO4kdQQeAlfqa_0fuiI0bfFVeeVCHKMgFbhvSTdsOPTFkXaRiV_pifEZhv3MwyCNBjh7p4UISMpyoYx41XlONCgtJWCPwtMBPqPQgOsFMvj8x_UFCH2nFLmVIvYt4va-pvfsISHeYBxiC0JzCqMo-cdkRcRo5i4Kcm7cqSW0gf_8i1GsgapU2nkALQkvtCiXOKov11bULvCeFWR9Rxop6HSHP7ShENMmItvcc4qkrQAqdyMjeOg29NXytq2gsZILJB4EuJhtA3S3GzTnjbRq9h4uQArL8p2ekiWviTVgsb2FrE45jGI03ru4-qZUf5hbGazuEQpCdZZf35uBWl_iRSO-Q7Na-oMiy2AHWGOrNuMPOgEoDthWtni3SkI-1MoaEiQf-8ck1bMeqClwKgDpb3nTZWVv51Fu6jn5tPsU3RFuMhpPZrFFXtrW07RcYrvqdkW4Yp6jELuUL7PA7tsjNzvova9vaMW1tNkeACcqMkweIz00Im1Goeje6GF_Ga4ea1KSwdyRDbDELkvOnwlpFCyK0tTsEovKtZxPePMT5hi32IrfxpcbbExpowjM-BT0eUECI947rnyHwG4plGhGZzhD4ZuyDWWymq6kFSfpkhNRLokKrdZ8pOofcz4-c1X2ZxTbcx2GJdOBNiR1UdgtwbnERAyQ2BXXrPprWWarwKI5BYzbwLZRQA16xpRAn8qgRm-Wlw0S89E4fKImoAC93j1q1hX8PmfBBbltkJ4ubTIAXrPQkbWlR2dhIBRMgW7Z4AUE_dV8Jp9oEXGZ-xFdS-bkwI9EqyB_2Jmd3rZbrEvyip83eb2B9cAJACKxA9_mPdIURqj7sbtd8yMv2_E3U9oBMSExfSQcvEKwnxcSKGNTevhqZQNw5iupG1VYv49ZiVVIHGmKZCelBQKLKePZN74UfZz5BdozNiRmrvpiUIoEhetL6z0a-3-g3zXkXFDn3o8HMWJL5g5wWLAFULbLjS6l-CZjNDI50Hcc9E-IpRvGQDJ0MA17vwXsL79YJ6_AFI_sjTkKLs8tbWTFGxcqvP__JoE0rvCMgj02CrnK4Fhev3buskqaOQnynqZ9-n5hhKMHZXSS53NDyp7yoOMy_cvSHtslOKPDJqiCaUf-PFE8_0xZpdCI5ONoUYwj5y8DLjVwbTX06ldl9q5kNik6jyYWPdp264f6YOGmavyPN8ou8LBRFBl6IRKyetJcLji0UrtsSK06AHKIz2b0MoDdfsUGDq_5K&sai=AMfl-YR7r1IlAWdnzh1ql-PgZRb_-tEYSGFjYq5ZI3alomze6GIz1A0dbGWOEW0GnFyRQ5T5ZJ01zcXPGIcC1lb6IdbTs-Sce-vY1gYMD1PGID-3e-LTBUr7_lCisDBtd8CumixbKr_yE6Qb3kFZ-4nugGiyXhL40pPfEtVV9U4pGT1ZibXGufCvov3a8JI_5NReo3kv6Mh070lvHrRzOkmsUQ5vYU7MzPbG-qBZBvJuKNGob9qpgu-d8dXPCx_c9GZQyuJFF8w&sig=Cg0ArKJSzMZM-KOjizDbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=445&vt=11&dtpt=306&dett=3&cstd=130&cisv=r20230815.23541&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C34C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPcksTGkH8VUfcOYX_tG7xdx4PsmZGzUD90Gm73cD3kNQ3pHqcO3mFZODSwK8xY49yUAiPQN5WQutPlebDOPNJ62LuNk8NnBdOkR5PIUVXqHJ6TtvsoV2GV83t_VlCecdWn7WPqBMTkZ81vvpjkBGlIJdmxpvLhD7qVvMjp3Yq00FnH94mJl0RccGFZe9xhmiHGV4E4JjdkvFHzkNPQ8nf2MdQUeVAnOIWSDEFRKwgosTorKFvQT18JYbNzF_n6rOB1cBmsCphT0JgRXGuPSog64UaVMRrGLiLoenJd8fD6KGHxVWosE1ujM4UlFNMWy9XrzRFKaasmUvx5vAN4RedSg&sai=AMfl-YQhW1EUcDeCWjKJaKXVzjBPFWJPmOI2tK4FPgzlfJWvdF7PjA4z7Y3JrlUMCTc7IACopLbreCwoglWhQFn2KjrwGuJcoEf7WlLhf7Tfsb3v_h_bY8NjyNM0C39qzYsxkhx1LXpooBUL0zrf8Gw3&sig=Cg0ArKJSzOr5u-fLMBe3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:51 GMT
visit.js
tps.doubleverify.com/ Frame 4824 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=347&ttfrms=26&brid=3&brver=116.0.5845.96&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3A5C%3D23D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3A5C%3D23D%5D4%40%3ETar9EEADTbpTauTau_f6beeh4f4h73fh%60g767eb%60bg2h5h%60h7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3A5C%3D23D%5D4%40%3ETau56A6CD%40%3F2%3D%3AK2E%3A%40%3F%5C56C62%3D%3AK2E%3A%40%3FTauE6DE%5DA9A&srcurlD=0&aUrlD=-1&ssl=https:&dfs=597&ddur=59&uid=1692216291688878&jsCallback=dvCallback_1692216291688350&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4496&tgjsver=4496&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=12&brh=2&sdf=2&dvp_epl=349&noc=4&nav_pltfrm=Win32&ctx=11655933&cmp=29888664&sid=7332272&plc=365692481&crt=191392068&btreg=556861384&btadsrv=doubleclick&adsrv=1&advid=8120183&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=774868304.404777&dvp_tukv=335445.45041457296&dvp_strhd=3.0999984741210938&dvpx_strhd=3.0999984741210938&dvp_tuid=1300582648755&jurtd=3030621336
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9d5fdf3ed65b1346b65b6cbd1a81b4632b41241e4f66db7da3b60d246fda643b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:04:51 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/15/2023 20:04:51
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:51 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:51 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:51 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:51 GMT
bid
ap.lijit.com/rtb/ Frame C34C 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
68923839f6c4384d7dfb93dac58535b5460ccf752423c0e6e267e22fb72f2ae6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-0%22%2C%22callback_id%22%3A%224a3f8a2235c151%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216291720&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame C34C 		728 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2268a9fd5c94fc5d%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=abb4a3a1-d0df-4844-9108-4edbc7f56d57&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
49e632900074d344239861dc254d0684036c2509bff5bbdd7bc19e3ef700dbb3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-116
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=10b24c47581bc9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.212617327884973
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6118f8c82c62f09eed07a93d22c85534e69889cf801942ca55da4db19561b4bf

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		37 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade40a83600597db638cce7fce725dc2857f4b0c0254d5870710b1dc89f72ccc

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FHJ71BFPp5fEAP2esc5hB%2FUkrFD7u6RzRqE%2FbyZy%2BjIYWA%2FkpVY7OhNWs%2F0B5mlkHlr8oXiu8SeNk8s2Wql2xcm1WRKjhWBMAivJi5CXuOY6bJdInKqL9Agv3trTM0NMXpm9BJ8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49ef6a702c72-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ Frame C34C 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
176
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		36 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10abafeac3e9335aab5690171f909a2706038f790ddc4f2305b0cf7799868f0a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGvu3AivgQsU2adBGeQEFUnD5EdyLhv92v0wnzJE8M1oYSyu1PKbTmUmEGPtBWM5NZcxb7yk6eehQASphAGv%2FWp6VygnmUmQztSSTgiod9j1n91XEW6wl%2F1K1R0AmHVBBuM5UIpi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49ef6a712c72-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-1%22%2C%22callback_id%22%3A%2223ee3f4e7c4bc1%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216291739&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=27186beb5037129&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.9708918249815595
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35e7c8f8658578661e86eb14c493a06d2658607bb5138d8e7574372f188aa46c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame C34C 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2229618572e4e81f5%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=ec04fa42-3d17-4a57-91ea-a04abf2c38e0&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
9c6ec2f1bdbcf0d63d701db71e14cb927aaa2fcbfb3b1ce13774deea1202766b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-55
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame C34C 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1060d0aa86d4cc1ce004a3bd4bdd6de7d6d167b2ae9729c7875ca45fa7d4fe56

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame C34C 		23 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
31dbf352eb8729ce01cb6c097e201644a4870394fc4d048597cd007b900d75e2

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
208
content-length
14530
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		37 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75443e7fff88c133248da0ca08c660f171b0cd84484fe904ac330eb7d04fb77

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVTagD9qDQL1UGpwuTfnOqFGRfK0gRyW1maYpZh3XTZyOaHqtJfiriqZKoCVSYZEc69jH7r%2BhXp7I4cQR2lC3brkHdrMGizrRtCo2AUBlIFKQApmF6JUYNgQhHwnpq750kSAzelf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49ef6a772c72-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ Frame C34C 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
be1a35c232b28d4da892f00246f8dfb79e68cb0a6e9854aa4c37ff47e0275ca5

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame C34C 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
109
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-2%22%2C%22callback_id%22%3A%2244b064c136a477a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216291747&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame C34C 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224828b583d13a34f%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=c423839a-9c99-4242-9ba7-d17c5a486728&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fd25b828640cf54edac3fc11dcadd5dcb8ac12145a356f3c9e9644678d01a59e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
440
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=50953b074181018&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.15512321569785836
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9f923ca973cb3f9addb474fb553de433a473ddb7f9e2711b1103913ec73b1e3b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=538cb615598111b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.08413366538599587
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41d8544168f39420ed180538612d83013fd99c0a95f81613ae749121e647499b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame C34C 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22550706be7015be7%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=b3cbe9b1-19e6-4deb-8a17-83fa0e352496&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c484e18154a0c7ac9bed3ffe5a978822071865eb736a665497288f4da213eb48
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-32
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame C34C 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
159
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame C34C 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b40e96be5732b2aca523c69c6c5fc0f81d9aa6b1bfa64e3005ff81de8264ec3c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		36 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed20d6e2a857d7abeb7dfc4372627ac9d9051569ef5fd14cad45721f509b588

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwkrsjVdHB7vihB1Ud5BW6G3CRYAUJsCwFD%2FrrrSA%2FLJiVl4sgjCvO8OlJ5Yh4a5Wx9wixTN6Ws4gZiic9%2F%2FeOHYdR5hMxqu7SSr3jdO91BxQUyRsOUEh0lmMEhX%2FGrXivGUjPaW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49ef7a822c72-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-3%22%2C%22callback_id%22%3A%2267b102c88d86634%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216291755&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:51 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
blank.png
saambaa.com/assets/image/ Frame C34C 		68 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/blank.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:48 GMT
last-modified
Wed, 14 Feb 2018 23:02:54 GMT
server
Microsoft-IIS/8.5
etag
"cebd78f2e7a5d31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
68
728x90_fitbux_v4.jpg
saambaa-static.azureedge.net/direct/ Frame C34C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/direct/728x90_fitbux_v4.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEB) /
Resource Hash
b7063e5c0ea56abf52c2964d30d3ba321220085106fae67046d59dc668687e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 20:04:51 GMT
last-modified
Thu, 10 Aug 2023 20:44:07 GMT
server
ECAcc (frc/4CEB)
content-md5
OILZK6yWAIC4HWPLJHRy1A==
age
507042
etag
0x8DB99E28AED50B8
x-cache
HIT
content-type
image/jpeg
x-ms-request-id
8cb0f25c-101e-0094-08e0-cb8dcc000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
21630
300x250_fitbux_v4.jpg
saambaa-static.azureedge.net/direct/ Frame E114 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/direct/300x250_fitbux_v4.jpg
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE7) /
Resource Hash
ca88e9d1b4cb8c46a92b175d573fe9ec1c1597c89b72fa52dbab3622299614a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 20:04:51 GMT
last-modified
Thu, 10 Aug 2023 20:44:07 GMT
server
ECAcc (frc/4CE7)
content-md5
VqTJNy507X5BAeDR1Czt+w==
age
514199
etag
0x8DB99E28AF28064
x-cache
HIT
content-type
image/jpeg
x-ms-request-id
fcddc444-401e-00e1-3ccf-cb0a77000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
25056
sodar
pagead2.googlesyndication.com/getconfig/ Frame DD9A 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cbf439808b5e51bb4c6ed5281fa9ef82810f01154473c4ebd07deb29a4d6603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5657
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E114 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_z0gUzFoGWdDVc8DvhaYXCY20lQcyZPQTgrzGE3gi1b83d6RH3GmSuUO6nQylXqPr5KdmMb5bX-W4_l5VWOHK926fcNbgJZNZbvIXKT83QYcdJfgLmjB6IwWMFHaK73eOxfy11U8f-TPK9DiKBvm-zzxUoU96SGpkHRLihcUZIBBLtqiXr4m2ir220lzokXy6iIr5Cdgn3x-FyeBCJ28hBJ7KANkOgmm5fKfHxJfB0UyAHr2u3Zrnfl7oQfB9kYpMaELqn3flWIu_e3lwzCjcaaSqNnS6TZxECOC2iqijl68Mbrf8_9rOpOGpbjNvzMkxgz2nLaRTwpJjMkAbpKzoFA&sai=AMfl-YT1DSzzDDbwKrRtJXlFXZbKvC8SAjIFyY4OedeiSbbuV19u_hcoLJVhX5fRNd3_dY5P65Z39PT8L1BUuarYicLbN3PDhoPge8W9wmE1PUkGwSR9bT1zp5eZPTwGlRf4xI8b-kbtIrjNdjSlnpE&sig=Cg0ArKJSzGLVodH79w3YEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:51 GMT
beacon
ce.lijit.com/ Frame E625 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Wed, 16 Aug 2023 20:04:52 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D55 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkCdq4ivdZIj8N_ySjuwPn5-CsAcAAAAAOAHgBAI&bg=!BQalBlLNAAaiGN5Pghg7ADkAdvg8Wqmfa0oPCnvWQyq-Ms8gS9usHIiggDvsHNa0YhOENAj3bQDqhzABflEOAXaxzVS9WT2XAEsCAAACw1IAAAAHaAEHmQMPCDPgGo_l4EFDg-4PSpnSJoCtSQIyO3KBBzlaIkxzxA0aBKrtYn26q-4hTEmvm9ZNywSv9SMu-ff0Y3MEK2guDfkv8JoxJXPRUaCbp5_IqT4G5ydOAD7RQ3Z_g43zyQ0joKH6jLreobrJ8NUi5yDLXXVEFmXVKtB8V8WDlwXWXbGAI296JKuj0gCsNXU3xgwQ5SFmv8aDmSmVGFCMdIg4KjDjWgmAqDEmOXXvQDdS6MSgkXZe9tVsBnsVjIKquWYvSQeG1YP6D5nqeNZR-0k-KWv4-K0mRABBN2RVhqVjl5Xni7k90IEfGX5MhLIXQUDTgAjrYMamq0tHqc4sQ_ih0iwa9O7tU60VKI2edZhz2WufRpp1tCwD8bXux7xTuaKOlQYb4CZeeNHhHVOopWHqwUURYLmaUv1mNRCLyodn7bI9j45t7vNCoc4zms3cwaaW_sJTxTYwtyZWCfez1H_Uk0ToL6SY-H_42YdBiT0K2oI2xGFYjsgElJPeWcwDZ1Zu6jOQvi1ftt3U1vDWzgpCo2qiow8ujIwX1qMf-XM1In1hvlaGcSEZNgUETMEGUSA2HIH2kug-lzSxbyA00ES1_-xuHfQy2lcdJdWvjqB1ed208ITjvzWVmX3dnF7_kx85zt7dP6Br5WLH0VzwKCoq-1qVe3XazniEiTVct7IRn5ThAEkEjfB1DtMzz_9sQGR_nFL7_p5tXGOCHTaf3TDK6u0HWn5GWSQm1tEYgZjcb3yb53oeq5j--GNGC-fXUcmSPVBuw8LTZqU0Uh1BUAW-Un-mWQP2QpaDl-WB9kc_znchAMUw_R81p_YefBXqF9B5PFvoi1TdvpfQ7sWH-PhVntM3Vwv2mZUhrnCqAYBWE-PgGv9DEpThXiHBpezoYt-Zl4X2De_nkpojPk26SHiu4s092SIYXa9yJX4C9gavXgoTJeZLzM_U3Cm4cc61a-pBeE8daKHLe7iS_hvH3gWgTSgbtXVAj224g0QjzyNlDGD3nt6uTCeqaHD-JKULuKdGO_1_3NCtOzAw_a6OpJ6O
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:51 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-0%22%2C%22callback_id%22%3A%224f6f908d108a37%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216291988&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		36 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e977ade701902c8ac51b551168f9aed7dcbb608aaf1daf2ace9230c0b91d7f14

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XA0D%2BMe7m%2FCzlQCa0UnIdo4H%2FJpIRVD0AyYaNkVf8rrp8qm7ZeHG%2B6gHPSrXTqovKItmN50yqod0Ci9m0BBiHRbGuTfJg2iIItBKLyl2tf1BzsMy6ZiKh%2BfF7jxrvmbhRtNgnXj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f0ebc737d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
c
prebid.a-mo.net/a/ Frame E114 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
114
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame E114 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210bcdba4c177392%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=ea200834-8ff9-4a77-93c6-e8dea92178da&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1e0c149db86996bc9c77f0ef7ab74a3c7820cd9a66f83b4d467017cb3790fd73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame E114 		23 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6b286c7520e5f3c04cf1ef915c33bca3c60e7deefcb74e2d0073cebf838d1335

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		390 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=16749d34b0abd42&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250_desktop&slots=1&rand=0.1222670257339995
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41d7496bb13fe1f49b36d7db5041537b85354cec6dd6e29f0f9682af85657c5e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
390
expires
Wed, 17 Sep 1975 21:32:10 GMT
VF_Icon_RGB_WHITE_300x300.png
s0.2mdn.net/ads/richmedia/studio/pv2/92578934/dirty/Credit_DCO_160x600_Flux_2304/ Frame DD9A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/92578934/dirty/Credit_DCO_160x600_Flux_2304/VF_Icon_RGB_WHITE_300x300.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad3017a3847b1bfa685b0de6601da8f67b5770b4d2bd09ab384bcd77b03ec78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:21:11 GMT
x-content-type-options
nosniff
age
81821
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11031
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 11:38:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 21:21:11 GMT
SIMkarte_weiss_gerade_288x320.png_1689265653461_SIMkarte_weiss_gerade_288x320.png
s0.2mdn.net/dynamic/2/11098810/www.vodafone.de/media/img/products/ Frame DD9A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/11098810/www.vodafone.de/media/img/products/SIMkarte_weiss_gerade_288x320.png_1689265653461_SIMkarte_weiss_gerade_288x320.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c74a0feb863cdeb8cd6fca49043977f383a5f39ade96533c6acbf29391688362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:01:18 GMT
x-content-type-options
nosniff
age
489814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16123
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 16:27:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Aug 2024 04:01:18 GMT
44488980_20230423144352102_Hintergrund_Visual_GigaMobile_Rot_728x90.jpg
s0.2mdn.net/ads/richmedia/studio/44488980/ Frame DD9A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/44488980/44488980_20230423144352102_Hintergrund_Visual_GigaMobile_Rot_728x90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9c171e3969d8f9635d10f584b741114ab5cc7071ae4a7724927bf346fe4c75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2056398398693609949/index.html?e=69&leftOffset=0&topOffset=0&c=9z52CsmgKE&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 15:11:31 GMT
x-content-type-options
nosniff
age
17601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11886
x-xss-protection
0
last-modified
Sun, 23 Apr 2023 21:43:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 15:11:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DD9A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		37 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40338ee30fe99c59de83fadee8e643dcf3fceea2971b9ecfbf3488c697661d1

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu6SWDuDjqO7Ahv1acji4DxAPXVNxv0HxhoPwnK7AuuJuwWg6T4zuo2eerEFf%2F6EfcFgQtc8w6oEbUMDBbtktz3Lu1Z9qmPg%2BFzijxg%2BTVCW3TjNBHhARwLZZNq5RRSDmUyb9x1w"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f13c3037d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame C34C 		728 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2276e8d1813fedb8%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=a94cc4a4-d321-47a5-a10d-c75597fdd969&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c207b48141ff6558ee20a3417a9f991259e9f0d7face1da2d05123a438da8355
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame C34C 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
126
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=80a587a33ed3be6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.12934909575677556
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
49565b2df78cd6ccea1d694d07c45b34f2a52ca58ef05dcf348037df4aa67503

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame C34C 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2bace19c6612e67ff13de49655f6431c589bc2a50e6d1ec9fd1b47d0cefdb61b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-4%22%2C%22callback_id%22%3A%22846129e3c94a286%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292037&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame C34C 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
76d191c56fe217b94190589a2e3798543a393e1fd5b3914051a754d3cb8a6e89

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
trinity.json
apex.go.sonobi.com/ Frame C34C 		729 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%229076d89ab7919f9%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=451e59ef-96f7-4bfc-8584-ff0a3a6b190a&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d822e59e52d941a8db4987f327a4f8cc4b7f29555faa8de3b4eba1c4ef3b81a9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		37 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c5322b2141b7efecd74cc8414159bd7c9dd9451edc6b53288b2bed0c3b4e9e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8R44fu%2FXB8uaVKN2PlRRAu5BbNFn3n56XBrckFiN%2Bhig8luBfnnxKpEeTMqUYjRaABEWyVx%2FKjbcX0ko%2Fppmh16breAY8hKqmu7wmMK0NktuShC82JXAEqmdm8Mp9e8fFzL21mg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f14c3f37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=948d3d120cf2e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.9849884470642922
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a303303ac22041692e19fa76deb913d675842b5c34e8bbf9cba7638371577ad8

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame C34C 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
156
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-5%22%2C%22callback_id%22%3A%22100c818b7f12b9b7%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90f_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292043&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=655680601741147&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292051&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=1hc55vk4d8i9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_amx%3Dbanner%26hb_size_amx%3D728x90%26hb_pb_amx%3D0.02%26hb_adid_amx%3D166da1ec538c1972%26hb_bidder_amx%3Damx%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D1654be255b913acb%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D1654be255b913acb%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=2587397766
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4714515e58086f8a3a8b4c386f3de2f5bf584accd3a88d83aea04bb74f6f448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12144
x-xss-protection
0
google-lineitem-id
5111853574
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C34C 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b27cc1a56e5ed1911bed60cfbbb65bd13ba595e11bd3482b1eaaecb5c376173f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11793
x-xss-protection
0
container.html
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CAB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:52 GMT
expires
Thu, 15 Aug 2024 20:04:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=1449281839668763&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292072&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=sa28h1xsapau&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D1672706cf6df42e4%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D1672706cf6df42e4%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=4283511922
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d8258bbf49433fff942104740c19eae247592198b208b47340f7baedaf8ab2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11673
x-xss-protection
0
google-lineitem-id
5111853574
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=102d68425156724e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.08955123213455018
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4d69716474563269d2e5c5d4a9a5d842c4baee6c78dbdcfb763204c043e69fe4

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame C34C 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
787613bf047f6dae329ea5d13bd5eea378674595e504eb53beed955f5d277279

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-6%22%2C%22callback_id%22%3A%22106ed7e057862854%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90g_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292082&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		38 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3a0dcc2773bacae4e8a8ccae0b4e7dd99216d22a5f3f71e8296ec4e1a8dfc7

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fvqzmbQgunfmJPuthsnGH2lBeK%2Bqd84v57HwRxHEFatcfw%2F3qD0vPg16zzqXrCfka%2BhNU8V9UPdtRXKNfeFExkhI3ZaF4kWcUO3P91eBkkvlfu%2Bv6%2FQZPpb%2F%2Fwo7GX%2BnZKCeVSG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f18c9a37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame C34C 		730 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22114744ad534d2db3%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=77742276-404c-4323-9e71-30506b0110b6&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3ba9df27ad9464d447bdb55abdd186dd28b90febb2e58040abf5e0eba14e5ace
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-12
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame C34C 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
186
server
envoy
vary
origin, Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=2260701439224035&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292091&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=lr0gp3srgoag&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D171acd2400f7c8ef%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D171acd2400f7c8ef%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=1332890142
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
336f6188869d97fcf0011817d3f20d25e6a4873d1797491361d55a02b1fb1d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11641
x-xss-protection
0
google-lineitem-id
5111853574
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 431D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1183644f199a3a11&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.4249007996612264
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8eb37ab4c76e2ef45bcd93ff6196ea88d52693c29aed3130eaa49596ebb8b82c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame C34C 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
363b50df3586c574d938d5494840665f42a8e05a3a9dee9a040b2949f349c7d8

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-7%22%2C%22callback_id%22%3A%2212479827c2aec84e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90h_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292109&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame C34C 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
110
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		38 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b162119d1e7ce6dba72ac3c66c4d869c8278fbc2346659603fc31a1fa5ac0faa

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O40p6gaXwSbvutyBWanQXN1ivfbbYpP%2FTH%2FVA7oq%2Ftf2N38EHqZMYZNuTfLOtm4u8Aas72z6Zwp5jSeXVnJuLzsdShzpShpSBsKcAREpUSSU5mWYxFSy6YoIfH7NT0eWbJ310%2FdP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f1bccb37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
trinity.json
apex.go.sonobi.com/ Frame C34C 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2213247bddb5501f02%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=5d7f2890-6d09-4385-84bf-21824cfffb07&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
db1be52c14acc9efb33cea520c1a216494beed3a9b558e85f05f4833022476fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=3467572481217540&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292117&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=lsqg3taumkx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D173698b7f4c2679a%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D173698b7f4c2679a%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=658150668
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26a1db3d0c4a40c80623d2d3c9bd55957ac248b7b3033c355812e40c6fe06f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11668
x-xss-protection
0
google-lineitem-id
5111853574
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588173
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1B34 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKKiGxxTWPXeJWT0fLvg84YjjT_Eo5bagzAJyNdTxkkYAfFs3A2ZXn5ZyNknYxk4Ng72SKNLxPb1X2YR5Z0Da2acAiywk9U3-fjCd09__l9IXayLg7e9WrfXW3NrdOq4cOMGK-jWOuhIaL&sai=AMfl-YQfJw7o8LB30GZVz-aaLs-O-vDaMWdwq3FI44-h32fKl18JALPA4jfara1z7S4jbbxnsVG520hslmwN9XfxMGDv-q0Z5wYKTZngzBmfByxve1IiJV7ZR0IOglBR&sig=Cg0ArKJSzMJvl9hgM5TZEAE&cid=CAQSPABpAlJW7gDUXIk53B-3UjRsRBlvMOdZCNeNMCB6r2ec_KPl9UGMhvUFR7rNGJaKyHmAhqm9XynJ8_TrSBgB&id=lidar2&mcvt=1034&p=1110,805,1200,1533&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=995907353&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216290577&rpt=500&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=657130247320031&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292146&lmt=1692209092&adxs=353&adys=1047&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=2ircnuksksy6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=384&ohw=0&ea=0&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=1246821082
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
844926c692ed338e018fc7d23d4d8587276bed3126855fc2ab66a0671748d478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12098
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346202
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E114 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5eb6898764ee3f77bdb4ca410b9b8d0e4a01b031539874c066d542c99288c7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11917
x-xss-protection
0
container.html
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A4C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:52 GMT
expires
Thu, 15 Aug 2024 20:04:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C34C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:04:52 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame A07D 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ybHSsn0sdbxAFYnD7ZvHBFtCgtqVIyrLZVOQ3MqzE4PvyDUvcai3TA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A07D 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=21ed365ea35ae47&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250b_desktop&slots=1&rand=0.7935821901844371
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
55a641114bf3f473ad4dd3e07195d3f1493134e949bc4a97c87d71150e2ea7e0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame E114 		729 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2223be5ed95fb0ce1%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=2ff0eb91-62d0-4738-a024-3703f5935c1a&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
5cc4c7796261a95223db34b0e4ddbc6d4fc21bf19dd6ffb387a379b8bed04865
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		37 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d9b2488c95511f23a6f6c047bcd5c38bc391f6ecf283a734cb86bcfb306b20

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngMDy4S2ZyNOdCnaSg%2F4yGph0e5OwEZNLtFbuJDroeG%2Fw9mwzzdr%2F4Pr4nTmEDZxDERt7yf3YC6FpFTwtsXCDy4I5k4ngj6JqUuFkkkEXAiV9G5vcNG8g2cqRk7B9%2F%2FyJ219zqQT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f32edd37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-1%22%2C%22callback_id%22%3A%22293776e231557c3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292348&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ Frame E114 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
beceb127885b0730fec9224dd7931b1e760c4b0d6eea26303e7a7aeab1eb4bf2

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame E114 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
115
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame C34C 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22136221f2a1751bda%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=d665166d-fd66-4b21-b50f-c0fd21ac7797&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c589972e3328851d52a85bf9ba8e20f86a29ea954487806831cc81a448617e4a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame C34C 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
905d954e0e654301c762d06d5b1612c9404b05780adbfe82942e0f5c3352697a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=14201bb093888a3f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90i_desktop&slots=1&rand=0.5007822636655197
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d9221a5cc14f7a6063f199c437507b47974c3f137437cc7e195dd44f587972e6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-8%22%2C%22callback_id%22%3A%221442d42f52a9886e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90i_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292359&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame C34C 		23 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
ecd5f899e65c31a94479328d9caf0942d06e2fb67302344253fd7bcdeeadf9c9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
202
content-length
14515
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		37 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dfa7dd2ce1aa677ef4bc94e69c129a7f02af80c4d18939bf28578c90b55f85b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEeDPlHr8mKQU11B3u9zzzJ0472mBOJfneIRl473zqoB4Yd3ToxDfqVb1dyd2%2FKyJb%2FBWzsqKsj1DzGiZQKDTK%2FIRq0bg78qhjD3jiK%2BNmK0rgtu4iorA4UexI7n01pA5%2B8HU7iR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f35f3437d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E114 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:04:52 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=3794299875126793&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292382&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=n5u24huyfoxi&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGskYQl7f0xsff6kZp7OyS1uAqWqFGeZ_nxa9wnlYJaCarSveZ6LeIMekrag2U5AE5FMdpx2wwSfT5RFZjwve9ARHumATUrhh4nQ&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D175164e2bc664b77%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D175164e2bc664b77%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=3272850789
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
694e4b5713fe62c60c98d0ca146dcfffc0a34f41e6a7d9da461c46634d8165b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11659
x-xss-protection
0
google-lineitem-id
5111853574
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 727F 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VNE9boGte02bik162jmoIB2Zs4fGtEcBMz1eFiyFXE7ApuE7mEPetw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 727F 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edaff3efc1a97df0254c11f03a4e411e5327f6d03a03e518a245b70e1c4b123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7897
x-xss-protection
0
server
cafe
etag
9567219807260151975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 727F 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame C34C 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a5da1fb9d6252d0004974b9b40cee8550f7d6a0ec72874394b9a0f1f9d8e7c0f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-9%22%2C%22callback_id%22%3A%22154dc75778b79e5e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90j_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292577&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=15618c5221bc17ca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.44449110574519946
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c615352012b8d07e579ea8002a2693033e048579b6c448c7de34dac764b1cf8c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		38 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9de394125c32934c6249f88ef4cd540e6268ff3b904afc03b9ed53a4fd8640c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzQDjmeiqgU5rY6GrX%2BWFMCKqF%2Fi20kEFH8GEvKEYnWIt8zn3BCndcv%2F8aHdLFaWOlVZeT6ttS2TmT0n%2BtGC54a8yTQcM8Zpa9yKTS53yO7kiuPgKDrTJBxm0oAL5Zw5F3lSDY4h"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f4a92b37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
c
prebid.a-mo.net/a/ Frame C34C 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
139
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame C34C 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221640d9c783e02fb8%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=dca9083d-5ea5-4259-862d-6b2c1e9886f5&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0d78583bb88c074b8770263e7e1690b71e066a924a8bb9d183389e4c904d38c2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		21 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=2238785409513527&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292586&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=2renkpq1bk4d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGskYQl7f0xsff6kZp7OyS1uAqWqFGeZ_nxa9wnlYJaCarSveZ6LeIMekrag2U5AE5FMdpx2wwSfT5RFZjwve9ARHumATUrhh4nQ&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D178447a098deedb2%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D178447a098deedb2%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=2445953488
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b82fe38a0832c50eafa72841983e2dfc9cbd8a10e5365d57a2df5c4563575220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9448
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=1394228473262829&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292597&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=xefmzdi1tm5p&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGskYQl7f0xsff6kZp7OyS1uAqWqFGeZ_nxa9wnlYJaCarSveZ6LeIMekrag2U5AE5FMdpx2wwSfT5RFZjwve9ARHumATUrhh4nQ&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D177f3470e2aba4e4%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D177f3470e2aba4e4%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=3516126248
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d7c9844377986f9593864ed0145744b3db3e9ac02796b588861b241bd8ad4ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11632
x-xss-protection
0
google-lineitem-id
5111853547
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588173
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=374222215706924&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216292613&lmt=1692209092&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=5ttznoassps&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGskYQl7f0xsff6kZp7OyS1uAqWqFGeZ_nxa9wnlYJaCarSveZ6LeIMekrag2U5AE5FMdpx2wwSfT5RFZjwve9ARHumATUrhh4nQ&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D179a69f17a8b0d82%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D179a69f17a8b0d82%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=3085048810
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07b3e8115c21b35e5dc22314e89461435aca1cf9a17b702100f4d91979be00b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11668
x-xss-protection
0
google-lineitem-id
5111853574
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588173
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 1642 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QZ1ld6ajxbEk3L-Zt-RSzg-PhM9oFGnIdxjS0aFTq4We9Y9T0bOpCw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1642 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:52 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=36cfcaee93c1456&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250c_desktop&slots=1&rand=0.9734338940354392
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4a8aaf5427bbee7facb775b2c26f30fe226f1fab767486e6e704c6a2f5f91574

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		37 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
affc3f6ca459d9a9003e26e09171d8e68bd4ffd06e4716bcf92ac078df797832

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Tgw8SBENlcjcuyEBFDJrs3CQJPRbGCg80%2FEip6XPyxeTQcoVA2GVABQvhPziM2FgGUwhRieuMBrwKZ2lqwjr7wsDBmYCGPEjc3KgkTHhYsHGOgUsTkOhzeTSFijNyUwcrbcZpFl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f55a3437d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame E114 		729 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2244d27e7bd8dd42d%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=6700f4ee-fd30-48ad-9c90-b6f6668164e6&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
226f1187e4ddd7c4009d4133602f6f58218c9f714e181abf1d6c6db3977382da
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
441
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-2%22%2C%22callback_id%22%3A%22467dbd5ea40a21%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292691&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
bid
ap.lijit.com/rtb/ Frame E114 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3621ec91eeb2adde35d206fc6bd50df94cb867b3b8ae73d397d37f5a03320ed

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame E114 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
107
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		37 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f1d2fd41767f4811567a0c14cd8e1a2355f0e785a71449daa7e0c14f0859b5b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhrzeYoLWdN5n2dnsN4qF2mFkpziFdvawGpzRcOLIsw58xd3Tq2Q5Sk77qRjdU5ajaFEqnW2taiGGQuxLerYvDaRTL6ulTl3%2B4O23iftblyDZD4eWaXRPorMb0ZMg9wr9q4TFNOc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f56a7137d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ Frame E114 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c739108356622acea00e530bab386dea13a629eebe9a6b38353eb780c3fcba0f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=5797cf68b5058f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250d_desktop&slots=1&rand=0.11448806133546108
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2d6d6b0e276fb133984461dd144f8ea5c206103fc51b9ae881174e1af83f5211

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame E114 		729 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2261a6ea6b36ae525%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=e0db8666-529c-4d76-a915-9da8c2d69bd6&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
21c21011998a4387f8c49704c0480121d223c32169d4dc1301d000b264a48479
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame E114 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
112
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-3%22%2C%22callback_id%22%3A%22657949b105f050c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216292703&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C34C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2kOB6QMXOiqxxo5bys6HAbqT-QfuzrBo3vaglXEu43pVdKl_C0ZB-4lFhf2ZXzB9z7TPa6uF3-Jk7gjqMomj_kdE5RDBLORJJJM7r_GG_8yQQ_m5a&sig=Cg0ArKJSzCWvs4V4AwsMEAE&id=lidar2&mcvt=1051&p=1110,67,1200,795&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4164803795&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216290045&rpt=1597&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD2B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3935
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B05D 		831 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
69da0404a9984397a30305f0283d15720a5a414b4e8cdb9491d732be58a7b51a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D1Pg0E4NI2rr0r3MV2qOzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
532
content-security-policy
script-src 'report-sample' 'nonce-D1Pg0E4NI2rr0r3MV2qOzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:52 GMT
expires
Wed, 16 Aug 2023 20:04:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame A07D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTM_eHk64LjUw2mkg5UhBl3M2eszDjCtm4G4bGer1Oz20LeANEhSAsxkaeOJYlPWHyLS_KPjVoibQDsSlNNQHEmTcr2uqPJduOsLHwhMLP36ZUjCOG5shZCYDWmKXTh5mjoAoGAaLKBEfjNZioH0TnvJPfypIsRGTZzj6ez0e3GeK6zZtxVgGVEmXTau2kLTrQhK0TYQzE6Qh1PD-kcP-JMJn_GX6NvBIr7dlNQhwn4y9LJhGdnQuf4qLtDVGhFwb9zTq2IDskY7aEabPKCd2JM1fTX9iO5Pg2jTk7hNpx_2Rcv-yPTxoboOt1PXzlq8aD8YKwshFTr92GilFlJnSv7g&sai=AMfl-YSzxgVl8LMjcfueAi8Z0yWrx9XHrJXdSGRsALiauQXBbVCuONPbNs7ZxV4jaA1-W-v5GVWi_TCfhTyPVVx2TBcTUbW-Lct8TqUdyuKWzi50n-ThI4R3kTwzmfQbp-c&sig=Cg0ArKJSzFimucna794eEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 309B 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNViQdrEahgPHcUVDlsjEYkTePxLr67rmzfRtSdHadZ6UGN9Jyj7XmHbJdIFH5nJq7QGAapDkRRmnUh6e5M1fIt8gH7Oy8Tpnl9xqB2KUwDT7xn2ngn-DLNn1G-Sg-OLzGZnIeNxuJLmieUW0arRpioznpVrZ5EUNG1e02Hn_YnuIXcea1M
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A07D 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A07D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dtf9s7TNQEwvjQAu5Zn5uALQujGiQZezW6Bbp4ingTkJnv60FRnE-JTM2tMT0ggUjlXe8UDomLN16kTbTaNayUkt2i6az3EZeXG5LCrun60sxhO7s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A07D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3995582396244411027&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8eec2512-733a-4e18-a763-385a96d1bcea
beacon-ams3.rubiconproject.com/beacon/d/ Frame A07D 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/8eec2512-733a-4e18-a763-385a96d1bcea?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BB280B3E07C1F1059AB02452C1D0A10017FD6E2417AE8F55CA3727D585C26BD0BE9D53441B9BF6F22FE5D718BBE08EF1CB270A460F612654B4BE9A17D68853AE9B1CCDCB62963C87899BDDFEBC55FD3EAD500659BF7286C1ACDDFFD21A07B0D68363F890DABB5E383216C605C93C9048E7673A914E12AFBBF4E6FC96756E5E57154840CBE85B3A3E549E8A28761936CFE3DCA92874ECFA0FDB599B3756D256E57D2CB63373867A436871F097B84E442BFCDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 9576 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aHX98fq5ZZOoSO71C1jp1kmuJv318QCZCcuEM90gsRZRYrByt8B8CQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9576 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:52 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 10F2 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
EH6PsR_PNpUy7bLSSODsvX1oCxsG9RYjIeflmjVzRJCDfO09f-fs9w==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10F2 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 727F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueDuwLAEe_dtpRGTXHOc7d68dhhyOHgmJL1wFfrlvk65-pzIWaVfwUPkEEdenpCioAQxrRAtVJU4xcnPv-cRi2YrrqFcWywoywVKnS8TmN-14COiotMvwyk37FN2jzwXAz2rJY13Mq2itiJAyX22As4LK2JOPi4iKydq8W873wQSj61mVSnYC63gH6YweNhPxI1HePJKtXAmDPTIZhkdre4CS1veZk9Wxe2jtUexxrGXObn8rhxWDWrTAkjS1-XuLoh9gldGAo1w2WlDrYQtQIZmaEuJAstczugxawsajmzRvtIn3it2EnremMEJr-ydGgoFVbwuOp4MNmc-zR6g&sai=AMfl-YQTIVPV22fZiO-8MYvHJK6sssNrEPY-UYiCiR6fbkaR7Rr7FqjPMKYO8LQbsjcweQTs-VFQNFSSNyOr2ct_f_xzFarFxnVbGxZtLiFbixymRzKuryB43M-2TctnaP8&sig=Cg0ArKJSzJDDPSl_bYo3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=2898228788114431&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216293186&lmt=1692209093&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=clhcy2d2bxg8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=3215044782
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f0db191f9ef8ac457dd65424a5c20f00003038d601dcbad8cb20910a60989cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9513
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=1486449920540675&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216293201&lmt=1692209093&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=5mj0sj78mjed&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslvgyXu_RoCUNuwkeEVNJp809JecMoNBLCSjyTWe3Eeun6N82bqNv5372f3SJbuWe5DN0kuJ5T5uAWVIJyyJlOfKLe6EZ8ARWE%2CAOrYGskYQl7f0xsff6kZp7OyS1uAqWqFGeZ_nxa9wnlYJaCarSveZ6LeIMekrag2U5AE5FMdpx2wwSfT5RFZjwve9ARHumATUrhh4nQ%2CAOrYGsld1JjDTOK2HKQL1wnotuVNFIJSxvKBij91ds2_lRHbgQ_vOLvL43EeumKRCfWoQ4IgVg8-uKtI8fhnUqcSt4HCpRHb428EE-Y%2CAOrYGskfn6fII3u5wlLIjvQj7r2ljw-fAjI9he2ka5zzGo8BEstGmCHMM0OY8dOpVd-dN41wC38LHS2YUKl7kMW7-TD3l-Lp1mbSoAE&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_amx%3Dbanner%26hb_size_amx%3D728x90%26hb_pb_amx%3D0.02%26hb_adid_amx%3D182374422fc6ab7a%26hb_bidder_amx%3Damx%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D181e7ae479172da1%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.25%26hb_adid%3D181e7ae479172da1%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=2059224439
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c1dade776049d2d2533be54399086ce426c40c12c6543b8a05d46539ec6971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11681
x-xss-protection
0
google-lineitem-id
5111853574
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=2836865489002323&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216293220&lmt=1692209093&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=v6jbbia5kata&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=AOrYGslvgyXu_RoCUNuwkeEVNJp809JecMoNBLCSjyTWe3Eeun6N82bqNv5372f3SJbuWe5DN0kuJ5T5uAWVIJyyJlOfKLe6EZ8ARWE%2CAOrYGskYQl7f0xsff6kZp7OyS1uAqWqFGeZ_nxa9wnlYJaCarSveZ6LeIMekrag2U5AE5FMdpx2wwSfT5RFZjwve9ARHumATUrhh4nQ%2CAOrYGsld1JjDTOK2HKQL1wnotuVNFIJSxvKBij91ds2_lRHbgQ_vOLvL43EeumKRCfWoQ4IgVg8-uKtI8fhnUqcSt4HCpRHb428EE-Y%2CAOrYGskfn6fII3u5wlLIjvQj7r2ljw-fAjI9he2ka5zzGo8BEstGmCHMM0OY8dOpVd-dN41wC38LHS2YUKl7kMW7-TD3l-Lp1mbSoAE&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D18059519d4a826f1%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D18059519d4a826f1%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=1601445237
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
940056dda903a0766f22d438073e7670db5f3e59eaadf6d21a1743fdcb67aa1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11644
x-xss-protection
0
google-lineitem-id
6152679795
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693510
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=2859001701157180&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216293239&lmt=1692209093&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=fv05ha70m3p4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=965386203
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20520a6ea0ae8a71cbe65bf7efb7b3e91d68106685b04533c0f1607d82c6e3c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11633
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346190
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:53 GMT
trinity.json
apex.go.sonobi.com/ Frame E114 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22701df5150628ecb%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=54b28439-aa99-41e8-acbc-f3b8e84837c9&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d3332bf9e5c369e8848c94f7be3717d9270960126507a49523828fd630c0a9fb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-4%22%2C%22callback_id%22%3A%2272ccbf6fc30cc94%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216293245&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame E114 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
164
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		37 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0dd1aebe8c8794e2721a1f385f19fa800681bd637203c88406ff11eb3266cf6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcTOSe4meVshQ5OSxMPqG6X7M%2BCrA6Gg1MfU5xSz3BC%2FdPKU4c0xNZDkxYR345CpKVOZ%2B9Q1DhxE4YWRhbIaLThRg4dK1OL2LgStQiBpZ%2Fz0Fuzr3wcmCTXaTz5IjMETFBBg%2BWkn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f8cf9337d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ Frame E114 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
08047a425a18120bdb47132b029cd83d5c0a80fab942dec79eca9175c819ba98

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=8495a0b4727faad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250e_desktop&slots=1&rand=0.9445243688710199
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
06f1faf371de3acd2f199ddfce07c4f1b8e61454dbc8485f144e3436c01dc2be

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
m
ad.yieldlab.net/ Frame 309B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIVKv0cttDZ21M-UfnJXf3E&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIVKv0cttDZ21M-UfnJXf3E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNViQdrEahgPHcUVDlsjEYkTePxLr67rmzfRtSdHadZ6UGN9Jyj7XmHbJdIFH5nJq7QGAapDkRRmnUh6e5M1fIt8gH7Oy8Tpnl9xqB2KUwDT7xn2ngn-DLNn1G-Sg-OLzGZnIeNxuJLmieUW0arRpioznpVrZ5EUNG1e02Hn_YnuIXcea1M
Protocol
HTTP/1.1
Server
2.18.98.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-98-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:04:53 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Tue, 15 Aug 2023 20:04:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIVKv0cttDZ21M-UfnJXf3E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 309B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEI6XGCnx7YLrtaXHVgGwXNs&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEI6XGCnx7YLrtaXHVgGwXNs&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNViQdrEahgPHcUVDlsjEYkTePxLr67rmzfRtSdHadZ6UGN9Jyj7XmHbJdIFH5nJq7QGAapDkRRmnUh6e5M1fIt8gH7Oy8Tpnl9xqB2KUwDT7xn2ngn-DLNn1G-Sg-OLzGZnIeNxuJLmieUW0arRpioznpVrZ5EUNG1e02Hn_YnuIXcea1M
Protocol
H2
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
last-modified
Thu, 27 Jul 2023 14:20:27 GMT
server
nginx
accept-ranges
bytes
etag
"64c27d2b-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEI6XGCnx7YLrtaXHVgGwXNs&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E114 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNNj5dWLqY10cfwaJ3B41eAIyJBCTud3GVQrq7UKboChaphWeWGDqx3JsXnZgf45GXTVqbwScEJm5IWcGWPx-E6WMQeCdJX8s8Suq1GlUK2nsNfTf3&sig=Cg0ArKJSzINrKXKMAK4dEAE&id=lidar2&mcvt=1309&p=796,353,1046,653&mtos=1309,1309,1309,1309,1309&tos=1309,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2116473628&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216289999&rpt=1926&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B34 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5616038927925&version=m202307240101&ct=76&x=1&cor=9629528392576995000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:53 GMT
c
prebid.a-mo.net/a/ Frame E114 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
165
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame E114 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f0bcc9e3916312eae7f1dbe3cfdb07c1a80d66c8a7be858f329ba35ff73c9a07

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250f_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=93c7eaa2b6f4863&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250f_desktop&slots=1&rand=0.7449237333805874
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e2ea352c319c6674e03607960c413f306ffe204a51f4058b39b37f22993c45db

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame E114 		729 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2295b113c5b4dc7aa%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=c32c0c62-7da9-4a54-8619-291483129baf&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
83f0b02e14930055be31425bf3c84282c8c5f46e5272ca394d73ff12cc323d55
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-5%22%2C%22callback_id%22%3A%229705d4f9e2da555%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250f_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216293287&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		37 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae784e01c715d770a93903a86bc9669d4a80ef969a191bb44563a3d7afaa25d

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KepeXe4cytmVmXxy0qYqbERvJHVlG%2FYoUBhCuOC8c7lZXJ2VW86UvQT2ErwVW2Vdw2GQ4tRYE7PrtnFYX7cL1frmopOgMQsDmKNgq3KYjnzVvmtAqrxRbH2%2FS2Cj3RNzuRVRfvSf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49f9080e37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 48B5 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
N0WLQd3_2hBc_yFQAHnNd_qJu1nSNBRbHPKK1DDvg_QwM3qh8plNTA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48B5 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:53 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=14811736082490&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216293352&lmt=1692209093&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=jnuzvt7uj0c3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=495745907
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3fcb4e5141ce0fc521ecadd4925cd1f352e11ebfc02cfb3d91e3e457b07de7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346175
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1642 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXFs2lISlsr-qe2Xyhj5_EgdjDWUqY7cMWiM84P0-xjgq80GjsamQkntb3WRC9zLunTFH9B7ufweCqqhGohqEgAnuG05CN86z9_LHOKpp6SSdw94oK1j66ZZS1lSNDXyPEx1EVhgZJT_s1qZ9SkiX4xFx93MIPD-XZMV1Os-qYe5dluIWSxVeK4RKybVW5YIVfhLYl8XfrUkmpPNDoLFtotvBcWuro4F-HKlP8m1wTF3jZHefLTO40LU6-kVIxazS4LOnLeCE4uZN7mWmOP6cH9WRxJ1_OeLCkbGg2gNviOPJ89hgpslSj2Tbehdl9ibDn3J8xXQiuPm2X6XNMZomJIw&sai=AMfl-YRGwMlv4-kZV9UpViW_bkYN4VbOrFhf9t2d2diKLt8AqZkr3QtXYxVJt-tYfz1JT2i3pZhuaUD21nA8cP09boGEIx9zR1fQl8FYpgcF-P9zAZd6HvsiknpBEk8pQlo&sig=Cg0ArKJSzBIJ7rrZqmBqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame CFC8 		552 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXf90ksbvNDceRIblOixmZdcngbGmG2V7KdZXpjFIyU05LSJrN2IaEFYDnEPO9aM620cXwizAE9LctkKAcR3odog6caU8blbqIRLXf19qJv1Mee8HLQhUpPHGvgwIEgJvizRI-Ua0Toi95A4AwurFyHBPauqerrhlfwmoGPrdY4udx69uE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1642 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1642 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CEjAAZiT1bhlDIYrsAb2I7ZnyNccCjFlJ2xOoXRDiKAw7RgOG-wvn0kKGnAlKzvv935f5Qh4LWdqL9EgEZDlj8fPc4fTJ7SYYeNmE7sweGY8LLMMI
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1642 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4029020945664093067&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
657b29c8-9ad7-4ab9-8cd8-2f4c2d7c0e92
beacon-ams3.rubiconproject.com/beacon/d/ Frame 1642 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/657b29c8-9ad7-4ab9-8cd8-2f4c2d7c0e92?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B221A7DD06CD4B5CD0B857AC5E894B31288DB41763242EE4683DFC16FBC5FA32A649138B696027309FE5D718BBE08EF1CB14F92A92280BDEC0FD7B3670E775E24AF386182E885AEF716EFE9404F7AE6639ED869C84E2F8FB32B4AF87B1AFE7042577CA919BEE92C5472F0E15923FED3BEB6FC62F6BB616B2F2605645952F60178731BFC1C17124BA3365BC23D50CC41474360671B0E78B0856235703681B4AA1A9E7B1A33742573646FA4A6DF5CD37764E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:52 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:53 GMT
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-6%22%2C%22callback_id%22%3A%2210483b0494a36963%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250g_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216293534&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame E114 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
128
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250g_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1087a7a762cd2d86&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250g_desktop&slots=1&rand=0.8030526363839847
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
378837c527aabe7a4471f7da8b16da2ae4c96e4f3e4264d86bf218e6d5533058

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		38 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be0a2dc1fa7622b62f867ccc4b76c5b5202b8aed0b4dea6ffa0a51c5496a59b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnobISXKzxgStXhBuZVxeG7ZFjxg8mjw6ZYMCJm78Ezwu8yTtkfBmAaO9D9PSRuYzdqhEgWWwpHLDYaT1sfsXwqLShR4GcoixxVMuLb%2FO5mIhqakel%2BfZphltKrID2l1uD7b7dXJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49fa9a4437d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
bid
ap.lijit.com/rtb/ Frame E114 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
acb323c21a2817ecc1ba9955fdc377abdc2eed82b97d895c6f7fc95e6cf314b9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
trinity.json
apex.go.sonobi.com/ Frame E114 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22118e2419fbe40317%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=9965b064-6ef9-4aa3-adef-cff409556c20&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8494379094c52517ed450ed12d975148eb9fe7654b5f3d1e678c1352a9fede46
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame AE12 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aDrgFZ8uxHzkDfT17eLI1ZwOoUamG6OQvgAWCcYNLBdWE98TldeIHg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AE12 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:53 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 705F 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6eez7F5Q6dkkDJKcL_GUwVO9-6yWHx0f6XCYYlAfQFYM7987WlwVtA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 705F 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9576 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlDOkQtu5MKcJmE5gwZ5l-WGvLs6mBKR2Gmj11wNULNCkfBtjOORGiX8J9GFdxGzU5WjwSjjtBLnktMQp6YPuVc6pkSkc8mWbOaQTfttnYQzkvgc8tzeUSHdv84xdbY6GC62B9yrERUj0QwqRBNBt-pwkfd-zUQM6otTp-NiEC1KBxU7pmgNONX5brD0xNWENdbM5V-raBWE_n6SXu4YFzoXPAQUh1-PYSkT-xI6sclgIPSD6AABsqRlsjzu0-7DCO5ee_fi5PwgkSjtPK2pUKO4ot5WCPMYKLHcrNN1_Uabye0YEFhWhgVvUlEXIg7EVoIBAesMO5rG9qRA1Hks9cig&sai=AMfl-YST_DlxfCD010ao5HQB_zrNswNNFzaWhLzCeizitF6QyuULF0M-4bqOvW92XHyxxf8X2JBs5hvc0xutWVWPZkMt_fvD6_CYs1-9Ch9epXXJKb9dClI6idMsczZDoQ4&sig=Cg0ArKJSzJK4KFHunQN0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0E65 		552 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXKXhnmqCk52q9xel-EC9FJSwNF8PE9Y3Usqe8EKUh5pSYtG_1D7_6ZT9hKlkuPlAFSlvnlAqty1V7GJO29w-xFDguI8cNeJQitRMJIs3gYAadrUjmjJXGKcp5oIKWuJKtku7XJUidUrt4gIhx7zSzVW6oqlNb6dj8xZUY89NP8t91xgZE
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9576 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9576 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhCohNcGh-r3kmYJuRIse8ARdOSzR_EvYtQ6kL9cef7uuXo4c_AJO91fxdephUx4eDcnCrNnyyjxJ1-o18t7CBBUyHv5nxKR6AA7JN9M0rGttK0Ts
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9576 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10526078154435510828&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
60f94c53-5291-484f-84de-042c5366e599
beacon-ams3.rubiconproject.com/beacon/d/ Frame 9576 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/60f94c53-5291-484f-84de-042c5366e599?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B6A772A0857EA2DE432772F8837565A47E0705A6938F0E20A2ABFD0CDA26C8EECC00475D6871896DBFE5D718BBE08EF1CE5BEED52B8F771F30FD7B3670E775E24AF386182E885AEF716EFE9404F7AE6639ED869C84E2F8FB32B4AF87B1AFE7042577CA919BEE92C54C9664FD73B255D17B409AE1CEF9E32502605645952F60178AEF8A221E7F811FED6F1063E10AD3307789BD5BC241B7B508F63B23AFDE22853B77DE0DA8F74EB061241147C8200ECA4E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A07D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5800996614959&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A07D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5800996614959&version=m202307240101&ct=76&x=8&cor=3995582396244411000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A07D 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGUDDMWbcHbmZv3l7gBT9L9Jvssb6-PxDmwh10RgizFIpxUhPN4go52WCaP4I0_UQc2pyAPQ9nig-L11MDPzwQ-4Ez7mF1bkPPcR490-b4taOHpIkuaIVIZYUDOgQxBpA-X5gX6eG96emaq3YSWJL9kVvh60ycZfi4ZVE0pOnXK36q0Us&dbm_d=AKAmf-CfBlrzjXgn_ARtIDvXLdtPqLjbzpE8q_CXzUMeE_Nuge3plK8hBrDUne7KySvDni3xQmdoqDlS_s7mk7d3RjHXFUa68Z7mgCH6hAmG0xkhQXWAmXACP2l6kIfhrqxeLBjSCO_5P8T5nsSsGLLUxyYa9DCItgqi5HJwKS4TA9JEwder1Kpsxb-rRbOGq2S7fmYXao7rzBsVjq_7c_Uwtm9pYFw5M1lF3p9jOBUPdH0vkx9QlYRbcZ9eq-Lo-HEUGeyiM_oG7phSgEnDsNZKdgEq2arc9OyWaNy9t7w1HoatD1r6FuKjJ_yKpF1ym72NoJulkrd4fd4YjqyoOqxUg1TSmWmlAers8ke3I8tyf5Hy2AVNIUKOqIQt_Jp7CiHp-0RfSz_e7sv6On2Tb_7z9JN3yI1X9_lSg__qzXnha9u_RjpV2WGcismWk6sSvbUvUqTLD6cZ9iT300H4qBinbLT0aSkG918WBiY3TwpB0PZsqaKRXYkb5BT1Jg2JH0PzvlYzLE23GJsMK1m-F_U0zKo55ilJA0tfYy6I7EZOK8eNps9K1Q2MjxpYxnghZ2qRv1veZw-7De2jzBcco-O1kqozNhztb5vLzEmmzDxkmZ7OusJ--UeuJG5VoNAFVgzpDdZb6x9rviI2nYdJq69Ln3VqWz-yfz3_VLgCWvKhMdvC_qp-XTb-kCjQK2TtvPZT4iyZ-azLnAuXD8FBRbrEj3UBLdRRFuFxfFfvPu-KzuJCZfucMCKFo6IHN0KFB2vS8Ij0LEKJQtU_mBZc5Idf1OMIr1cEyvsYEGdZEjLXk6FV3pPMJKRuNySuPCXjBN9w6TQG_Njr5sgVeaLFOc-dNGGKHTJaZUeNZl9QeHVYKTugNm7u1wPyktnW-88i2hOK5-49OrCMtWs0Mx3AgrWHJcAYiUOd1pW_etFxFgiwVJLg_7IKcc930lZI49tjXvGolxr0lU_RfwxdOxOfZ16tETRRW_RXuIusgMTRWSODWqe2StDkZ8Q8bRsQu0jApt4_KglVIKsL7izykpuyh44XI6Ts62pf7NQN3nCLmFgIJjkXKuxwazUWgEqMN1gu7xDf-Oke_3i6vxm89pOwKTB9Yn_hUYrBhvQ1TKjP8-1xcUUY32sjidBW-V4HQaimefhXThfx-04mI99LfnsauHQN32oKq_1QrFJBzsHWgGTVGi2ivqWppFI4iM9YIPcP0RP8uGiUkMSDlNKjl2gMsqSNY1zRFSKYX937AweewqfmtMqwMMYwZ6YcxfU3yaCELSPt2q2rHnOZfSSX_JOcI0vwVX8xXcnzj0ENGO5nrc1gG2RtTsxqP5asah1z5xizZIWiCurnizBauflx5jBjkcw4N8yeXFdhR8CSpFHw6ZIPC902T-dMOALJlbxf-hfsqxWPEnOu9FG8_NZKMqZIF1rMNqe_9xOc5juevihXIzqnaTaVvOTQ2Pa2GF3I31ioVePsEsSsvZsITVDNlOy1mnCbwh_ezRuO8ShT_vWoWaeUshm8MYAvCnMAyILuP6_KWbE3g2f7umlTyoob9WouUUoqkne3R3U5c_F1yzI9t2ijqiy2P_hhBOKgl70bji67GAMRcSNMV_B6ChGSntagTheXbds2EwTLD5ZilwnrJB5csvezFL2_QkdvxNTBwLWToGh3L0-nj8zs2oYXdpPAqZ2IGgfk6aZPFQTfjxHFO9cfFF0rQnu1dG_cVYw0C89w5PTPIE0AHfFVCVvm0N7pt9GJDXhRmME_TomLE3UkXsoI7AjGYSlDqkxEg-4ioChExNBdRc0seyNhAU-Y76X9Lq7cmZwLVjsXT4JPxtbB8GGdnxoZywqGBNUV3ZuU9Zm-sfU7x5maybmneQoyGXQJAaGbphUzq6vhTeQb0fKfJNtFexB8Vkezj6SCXBEVuEtMHtCYKkpKbRqyrEfPUxb-2uXg32mHZNj-oIWG5ShNwiT_Le8sDG5RDCpSAQAKJVr6aKwxlptdUpJ6uRHyhp-Glq_RLudn7Q8ds2iAlqdyWXk44KwiY9bG8sYoWc2dKJS-ERlVP1vxrLD71JkVJoCjAax35Q2X6bA35fPJQlvQLM6UwMf__nt1FMeJEyCU1swmH7VxWXcdIIUpyu6y6HIkSn_4HxQCzlHimpDV-70VXKCcK8hwEESxCDXC0XiGKcUi94hKhwqEX542afJyD-dDG8zqfOMrE5KAfSZNXgLLJvcQLfTjY4uifAv08qT9aifUfC5WgXX5jWv7aNYmkCTtIpC23D8kpwNIqIoHnavNpf-tln1bHsWqrOQGQDWWRvHZa_O14JKiJLMRghXUMa0JWRUrGCyW-6qg1lTyDGEAva9hRE11vatS0YDIRYOukz387BqQ5jarg3S9s9Fr9muCEKEZ4o0W53HtM2vMRLI0F_wOYzgYHZfhgNRiU4lS3gMoE2_XsgGy3yRBtrv9-FlkWPhduPNx9J55-BzUUHKogNbw4amyL3EwXVdQm7SgvxiPMSmi5FjqtAg9zDvzJ3ixkqmq6G5KvIK8oMwoOfYP_XOLebBktpHjJHDltzGBzJPYkY8j9G7EceSIzV1Ps3uEf5dLv5s7GPMI8jH5ExhzzOz9wtSkcKNFo5qVOQJd-x0FuyDQWuLBYVtIMfR9QMEGJEvcwSGRnryx_XKHe3yzveDQCZ6mNSARtvKbqxrvsD3nvELJqzgDd0eOXCLpmO4uZX3zuJ4Ng6oVDZIadUXYYNohsVPS7tdWz-9maD43sh52_eLsYcF_L1MEf_e1PaezrestH4PadrbmQZWeJcBFJjagl_Sqz3XcHdSkiyghmHSn3FQlQZWAAO20wvQpC3v7GZ8P0UP9VL3WYv1Gh7EDdKoE2Y6xow9MYJkozIVccXfey_zd88iYtAyfl1r6q3eW2B8_l0C9o3cBjez0dE3bM-vFvxTHZ2ov6U2y1d7FsnipEsOFyaU4m3x7WRc7uGKM_vtXMdCzJD_NrIl2XeZWrZFrLd0h_Ld-5vYGI68H-2-WnFtAEr1L0t53ljNP4DwYmh7ifiR538eE5IDbM3H8Ya55ohs30q5durYugfw2NBCAxFaUJDPS9h35mQzEMDvRZqLFyKyo4gW1cYsYj7Hn-GWRm3p1oHErxg7U4FF0RnPnRzaJ_sbEifG1_rpf2rQXcLA1g24eMU3frsPKZ_LIR3H7pCu1Dg6Td5o3tW_GwJ2YM9KrhFS40qfHw86zeXD_Qpm14MVQOGPrb1wZemme9XPir8zOKTjMSX5ytlgClH4tiJQhJCp01c1Glx4MKCD5FFQaL8RZWJcQMDdlcvP-nudnOCiQ-1gjntWetfjfLsEYtSaMBhJAA8mLJTBZarzSHWSCRJJ6QpG0_jKSTvf9Ab4qMLB-qJb8kkP3WlOCEhUmJvdChb8WMYRYqdJh8qwPVFM5NrnvwEcu5FEQI-iI5QnWHqLOGdGjm2B-bvGSbMbxUYzVh3Z41XKJi2vCMy2ZAWsRucu-4Q5M3sbmAPprjlZ2pU8NaY2hreGE7afZTLSpI_9vVZ7MczMgrpEQFFjgV65Ki6Md0mdJ9Qt35MY2AoWkfGdFFjrPq4PRobtUZ6ziXLoMcx0AqNh8iO5D8BSPmghP0mbUTv0mPUtmtp4T-1_FEDpQ93antqcR3_bdfsgTi1WR_06szMd6Z8W2VdNxbTPsIeJMXRPwZHPEOaLj0EGpXdb2Mqc-cDbf3J4Q21dwVqvHIEYNfIc2&pr=8%3AF7FCD69435F0D2E5&cid=CAQSMgBpAlJWCBSOXLw7yaINBa59ifJdjy1WU-6NCCocO0XKVeHxktJHLsGjfdMBk3uDmvf1GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=3995582396244411000&adk=917780338&idt=106&cac=0&dtd=3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
105a070e2462ee0dd7cf3176254dc18e291b25db3a1016084f2527637b5533b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41117
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 727F 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
080bc197d57a3d9669800f997f8e4868708f4779e2fdffa173ebd6fe60b584b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50788
x-xss-protection
0
server
cafe
etag
14163052040870854022
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 10F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiYj3aaBK1z4IUdO58Ql8hSwTo6voXoE1JaI92gDoS6Yk3W_yCHuNWFCWgEjN4qVnz28cpX9ZlQyUTXL8aZayDqJMzv4zV-pYl8Zjdyc-sGfwP_4ptBpevl3GsPUmbVZdUPGGCNRXIYQI2iOXWt6vA_mAfCXcwpIj3si-Xoh8FHhZ4p-v3Lk_yQ8FqRsQVUw42T6djHF5aI7oVxdg6xZO7UWUhlf3KxYT-5vKChrmUbjBqDSoi-v61QJLdNM3E0827lziSgXT-8vSb6txeid3v9mH0NeIHJvBRr4DEyDqF0wqZ76CIGQ4FKWbOigGM4tUESPx_QovO1mOzNKCN2Ack&sai=AMfl-YSfyoHN5uL0ZRGmoutj1wZUj0VBemBNmnKloVtvAlhS5g8gaAo6WiwYFVSWjS1flbmb_vAgUh1FnXpAow9qKNSVGfzaf4K_qZYwWavYnLBlByvic3Cdy47yF34gEUU&sig=Cg0ArKJSzEzfC59ot3uYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FB2D 		552 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNWdkM5_eFpCorv-GhZ7EPgKQFd0eAD6Zy8p7n4AJnYi1erzffoIg8z6WnFOAPCvv-EDS5avs2MaWtDUAE_4uGk5dJtYZk1sfe7UYklBJXMx7D_swPOE3dt9KXQF0jdanGwPtPNnH7KDd1SJ9gtUzQ4v7lm1A1nYtsdCzIrk4kw70JjtdKs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 10F2 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10F2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DM7h4MN7uPnz-an-h9w2B_e-4DKmwC4h_qZPCeUFzWMxpExNQExJoT0YqrQ1Nyj0Y4S165xZ9Ka9haWHZKAtHyvsIHFSdjojucRdHBSS9NnK27j4s
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10F2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17924925679700402266&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
38b0aa83-106a-47f2-8eb1-2832b0aa1710
beacon-ams3.rubiconproject.com/beacon/d/ Frame 10F2 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/38b0aa83-106a-47f2-8eb1-2832b0aa1710?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B7D9935728C7E60EDDC864AB38CE03715609956E4284E2F8B970A313A5F243ABFD654AC1C3E413AECFE5D718BBE08EF1C64CD88251250C3EB4BE9A17D68853AE9B1CCDCB62963C87899BDDFEBC55FD3EAD500659BF7286C1ACDDFFD21A07B0D68363F890DABB5E38308BC8D78AF28B46AE228FEC865720F37F1CA1D67F7645BF21A68EB1FAEEB903F36B5CAA857AC4C94D15123A17B248AC63605FD954CD05394DFF3452AF7225CF8D4187560A005FCBA46E0C338056D8A9A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
truncated
/ Frame 727F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
071c931968fe7b13fa6e785b506d1620f3b88f969a9ca9049fa6e06c1fd792b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:54 GMT
bid
ap.lijit.com/rtb/ Frame E114 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fef050005dac266a279c42deff77ffd3da4ea5f949c86f1085f1ff5a59dbbb90

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:54 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250h_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=12319e098137201&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250h_desktop&slots=1&rand=0.6852531039665943
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c1926aa8e4dc5cad53a3486c630f481402d518c0c18777dc2c14c751ed737ad7

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		38 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d64008e85dd749e6a531aad117194713e13e9dbbb5d34b76c235c0a46ca120

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOw0YFsIbL0qdS5Ii%2BcyaQkt49uPmyE0OOoSjBEHc6xOYmllQvKm%2FMRdzMTBXEUSV2wdgt4BEcHIO2mTDmRZ383G%2Fm35%2BOifoqz2639L0yGaeDxvYKRU%2BCA%2FB5UOX7LrvTfBxGqT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49fddefb37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame E114 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
140
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame E114 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22131e46cb9247a6fb%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=407d0d27-18e3-4667-9878-f161692e5147&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7d3c73455033d3f02d4de33bfcac0fe0ba701fd53dc6a80864da1e4d32cb0bd2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-7%22%2C%22callback_id%22%3A%221336f5724c2365fb%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250h_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216294058&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55CF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3937
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9173 		831 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d7cada34f759c4c23e047254ee7e7e0db869eb71bc32176ec4b4f5c0ed515129
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B2Jny_04wvmrEJQfbave-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
531
content-security-policy
script-src 'report-sample' 'nonce-B2Jny_04wvmrEJQfbave-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:54 GMT
expires
Wed, 16 Aug 2023 20:04:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tap.php
pixel.rubiconproject.com/ Frame CFC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXf90ksbvNDceRIblOixmZdcngbGmG2V7KdZXpjFIyU05LSJrN2IaEFYDnEPO9aM620cXwizAE9LctkKAcR3odog6caU8blbqIRLXf19qJv1Mee8HLQhUpPHGvgwIEgJvizRI-Ua0Toi95A4AwurFyHBPauqerrhlfwmoGPrdY4udx69uE
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CFC8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXf90ksbvNDceRIblOixmZdcngbGmG2V7KdZXpjFIyU05LSJrN2IaEFYDnEPO9aM620cXwizAE9LctkKAcR3odog6caU8blbqIRLXf19qJv1Mee8HLQhUpPHGvgwIEgJvizRI-Ua0Toi95A4AwurFyHBPauqerrhlfwmoGPrdY4udx69uE
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame CFC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXf90ksbvNDceRIblOixmZdcngbGmG2V7KdZXpjFIyU05LSJrN2IaEFYDnEPO9aM620cXwizAE9LctkKAcR3odog6caU8blbqIRLXf19qJv1Mee8HLQhUpPHGvgwIEgJvizRI-Ua0Toi95A4AwurFyHBPauqerrhlfwmoGPrdY4udx69uE
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame CFC8 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXf90ksbvNDceRIblOixmZdcngbGmG2V7KdZXpjFIyU05LSJrN2IaEFYDnEPO9aM620cXwizAE9LctkKAcR3odog6caU8blbqIRLXf19qJv1Mee8HLQhUpPHGvgwIEgJvizRI-Ua0Toi95A4AwurFyHBPauqerrhlfwmoGPrdY4udx69uE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:54 GMT
bid
ap.lijit.com/rtb/ Frame E114 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
25dae557ff00fd9af636531bae28679c8b7b78bbbfb2c91ee37ec5960f5552cc

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:54 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250i_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1409e3b47608fcc3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250i_desktop&slots=1&rand=0.48350123301874115
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2aa79043a818aed122708cdc0ed05e6f08dada1c5c2affc136b19d0cff5d8066

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame E114 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221445be8e461ccb03%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=4a714fd7-81d3-4b63-bae2-f55626b96318&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d1bbe972ea003d46e9d169f03a8843ae0b49dca32a58f4c25c2926063ca80dc5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		38 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09fe9153f060ce9bdd24e16e32b11c4e8b8708e1ecb454c605788112cb9ff42a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eha3KNJP3F20MhRs6G0o8Q4d%2FfvNWNtgOeqcBA6o4%2F6APaOsqNIyV9aUvVPvTyfF0Ji%2BNCtoRKut3Z%2FSl7llsOS8KqKmWpnFfbHqm86owhNEmoUp8IY3i0WJLYAx2QDvqMbXQRak"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49fe1f4f37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-8%22%2C%22callback_id%22%3A%22148ac138e46acdf4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250i_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216294093&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame E114 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
117
server
envoy
vary
origin, Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=3089517907554027&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216294101&lmt=1692209094&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=sfmoyz9wv7ku&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=2511409325
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c10c080c8b121f6d3a730ca2b36b75b42e6cad395ef80e9b5326a71a25c4557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11641
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403344105
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1121 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:52 GMT
expires
Thu, 15 Aug 2024 20:04:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 0E65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXKXhnmqCk52q9xel-EC9FJSwNF8PE9Y3Usqe8EKUh5pSYtG_1D7_6ZT9hKlkuPlAFSlvnlAqty1V7GJO29w-xFDguI8cNeJQitRMJIs3gYAadrUjmjJXGKcp5oIKWuJKtku7XJUidUrt4gIhx7zSzVW6oqlNb6dj8xZUY89NP8t91xgZE
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E65
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXKXhnmqCk52q9xel-EC9FJSwNF8PE9Y3Usqe8EKUh5pSYtG_1D7_6ZT9hKlkuPlAFSlvnlAqty1V7GJO29w-xFDguI8cNeJQitRMJIs3gYAadrUjmjJXGKcp5oIKWuJKtku7XJUidUrt4gIhx7zSzVW6oqlNb6dj8xZUY89NP8t91xgZE
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 0E65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXKXhnmqCk52q9xel-EC9FJSwNF8PE9Y3Usqe8EKUh5pSYtG_1D7_6ZT9hKlkuPlAFSlvnlAqty1V7GJO29w-xFDguI8cNeJQitRMJIs3gYAadrUjmjJXGKcp5oIKWuJKtku7XJUidUrt4gIhx7zSzVW6oqlNb6dj8xZUY89NP8t91xgZE
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 0E65 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXKXhnmqCk52q9xel-EC9FJSwNF8PE9Y3Usqe8EKUh5pSYtG_1D7_6ZT9hKlkuPlAFSlvnlAqty1V7GJO29w-xFDguI8cNeJQitRMJIs3gYAadrUjmjJXGKcp5oIKWuJKtku7XJUidUrt4gIhx7zSzVW6oqlNb6dj8xZUY89NP8t91xgZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WZ4R7WY0KV&gtm=45je3890&_p=1713576858&cid=1630745151.1692216289&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692216288&sct=1&seg=0&dl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&dt=Depersonalization-Derealization%20Test&en=scroll&epn.percent_scrolled=90&_et=41
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame E114 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1692216294184&eid=1704e2bec7d30bb5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.245.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-245-178.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=1999986959365485&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216294193&lmt=1692209094&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=8n7s33yafdl0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=2460199046
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17d6702de2442bdc8fc6e31b1b9b44270b891315fb398c54828dc076877dd720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346199
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:54 GMT
trinity.json
apex.go.sonobi.com/ Frame E114 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221555a8541de228de%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=47b9e01d-cb53-40cf-83bc-f7587d344af6&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
d2e6e0f7a995e1017b831c8c9c895ca022cbef536524d5a246569fffd4ef92b5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame E114 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d1258c29950bccc71abcc8fbe69c3cb778557f8fd198cad5b9c1e2a7c86128ec

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:54 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ Frame E114 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:54 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
125
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		391 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250j_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1630b0200e6c866&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250j_desktop&slots=1&rand=0.023636127540906715
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
49bccb917ca8d878e42ee7e81621f750baa24bfcba7cb5e09f1347cddbceebc9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-9%22%2C%22callback_id%22%3A%22167ba4324027e4a2%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250j_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216294202&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		38 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc2bf0a11127512ec2b88b9695812996b3c5c8bd403cddb6769ba2e075fe148

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xqtv8de17iXddZaJtrFX%2FebjE%2FCC93XQhgP19N31PGsKL9vbSQmjeECEa%2FomEBm7rsQvdeUOEEjSjOnJUEHyEr%2B%2F6IxBQRJY%2FCa677BobGbWwDMKMuea4sdkYCC2RoHA91B%2FMtMz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c49fec84f37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
g_pbto
1x1.a-mo.net/hbx/ Frame E114 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1692216294204&eid=1725624acc2c759c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.245.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-245-178.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=867110920356311&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216294206&lmt=1692209094&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=qvclehmi3j24&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=748357368
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcbb52e0aad8008b39259e570a64c44d45ded7a010914c6aaf466ccb29789191
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346169
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 498E 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QXhUhsPJRaqH_UuSb0RDp6SMs19pRDR8Jg2fbU39oL73Qmj5TD5TEw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 498E 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
container.html
02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1552 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:52 GMT
expires
Thu, 15 Aug 2024 20:04:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 48B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8L5tbAcMP8dxPTu6kOO8VvBUNHMgix1-vM0hEtp5ha9jlKcUkSao4KWeSZ9Wf3e3plkM15sSundiE1jYPFY5iU3ZGZF3bROrJitRdWLvBDdXC_dfLWQSDzdBDiWck_1-R8wZ-Z_pBu9nBQAfAeV9_9UzHOMF9outIE9o0nk0Hl-RKYH45o78RtiQD00BnP95-7pEC4nGqsbYOQxE7AMj9-rNjHP1dmplX0iK-xTGAXw3tm6hiYc1SmBf76OYynTX1D5YsLieIxZcDvkAJsjd_73qMFogtyedI10f632RraaggbcGcxrl15n3sTNvdFEN48apRgz1yiStv3dvL9OrLdQ&sai=AMfl-YTNNPJdVMNzQl-ZIU_jEez-SQOGIKIbf-b3EOjfBun-MpN9bURTUZ1gPJZrXJwNgZU2MixVexmvOdQGoT1f--XHuFszfbgPZjx_xvDzcoDuz0vYfznOkiNLOMBTW8M&sig=Cg0ArKJSzKN8Z6Psv_HxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9889 		676 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXl5SAjhae7XDOCRJElBrNKN75R1-kXFmqwZfqq_QaJ5Dt4oGs7IScmNBTy8LYLFJZXzD-5IXlDPRdZVNvKgoa-NvE1Rka_LZZXXnvMLj-4-uSXDTMfgE8wyuc_0T9CVM5mfJg9OHoknJqM_mgIg8EDPoBUOTrzh1DfQlA57FRt78jzIJA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
267
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 48B5 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48B5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ddvdw8dOft_WahXIXeHA96kvPXfqlp0EU1mq30dzZYIm1q6b-eQXc_IWgMWXSERSQrHId8php-jdkec0I2oOLzELdZLQSbxcedcLzX9TYj73_OW8E
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48B5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17681578322248074687&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cae4398f-f420-4fcf-a1e7-e73f4351ec37
beacon-ams3.rubiconproject.com/beacon/d/ Frame 48B5 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/cae4398f-f420-4fcf-a1e7-e73f4351ec37?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B4D4255D6C66C3BE0477250434BA31D8BCB1B084885E01083382772E08D61C27FDBFF0E254A702C09683D50851BF2EEDF465BD5C10D6A7483F261708826A93CE0B1CCDCB62963C87899BDDFEBC55FD3EAD500659BF7286C1ACDDFFD21A07B0D68D473CAC4A855590B08BC8D78AF28B46AE228FEC865720F37F1CA1D67F7645BF21A68EB1FAEEB903F2DA347C5F47F5480F755CA4133B79B52E55E542CA957A3277878CE23EA0AEB09485545DE26BA9A4546E0C338056D8A9A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:53 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 9BE3 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
s7OKd5nOek9uZXlei93wQE4NY7eGr3SbAh3bEEu6i1ZYirrteVglMw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9BE3 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ff6d6889d853e00ad1c83a17795200a17f923e76daf2f9297032c3696329a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7898
x-xss-protection
0
server
cafe
etag
1692226126312869760
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9BE3 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 9ABB 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
H8zfdLPNeKqgP1iolVTDNAlm2xAmjAkSC9CFTk6BKCS8sxbWygPVug==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9ABB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93f3960a10905e86fd95049eade424812fa0d5d61e4cb4e34be7564bd526a9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7919
x-xss-protection
0
server
cafe
etag
13156045624704376386
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9ABB 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
tap.php
pixel.rubiconproject.com/ Frame FB2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNWdkM5_eFpCorv-GhZ7EPgKQFd0eAD6Zy8p7n4AJnYi1erzffoIg8z6WnFOAPCvv-EDS5avs2MaWtDUAE_4uGk5dJtYZk1sfe7UYklBJXMx7D_swPOE3dt9KXQF0jdanGwPtPNnH7KDd1SJ9gtUzQ4v7lm1A1nYtsdCzIrk4kw70JjtdKs
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FB2D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNWdkM5_eFpCorv-GhZ7EPgKQFd0eAD6Zy8p7n4AJnYi1erzffoIg8z6WnFOAPCvv-EDS5avs2MaWtDUAE_4uGk5dJtYZk1sfe7UYklBJXMx7D_swPOE3dt9KXQF0jdanGwPtPNnH7KDd1SJ9gtUzQ4v7lm1A1nYtsdCzIrk4kw70JjtdKs
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame FB2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNWdkM5_eFpCorv-GhZ7EPgKQFd0eAD6Zy8p7n4AJnYi1erzffoIg8z6WnFOAPCvv-EDS5avs2MaWtDUAE_4uGk5dJtYZk1sfe7UYklBJXMx7D_swPOE3dt9KXQF0jdanGwPtPNnH7KDd1SJ9gtUzQ4v7lm1A1nYtsdCzIrk4kw70JjtdKs
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHPbGzXOFXWqkSSVmJ5viXc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame FB2D 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNWdkM5_eFpCorv-GhZ7EPgKQFd0eAD6Zy8p7n4AJnYi1erzffoIg8z6WnFOAPCvv-EDS5avs2MaWtDUAE_4uGk5dJtYZk1sfe7UYklBJXMx7D_swPOE3dt9KXQF0jdanGwPtPNnH7KDd1SJ9gtUzQ4v7lm1A1nYtsdCzIrk4kw70JjtdKs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AE12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9px1YCXMkC6eDAQh7YIjfbfNJWmRm7nus9eXO2QREL0zgEdQIavmnZhUMZ9dV6ku3w94yEAtwSJ23HCMDyQH-Q0THJfhLoSlhvTFCRHZfPUmuOEWnsKCIQkezl_as-bQZvxdSA9GnoYY_PDU4LhlQ9EnNJHE5NVCKYFQPoDULErcdS20QyUGISW4RsfjcRztdkxP82M4tAO1oWTm90-NLkqWB42vAtT_zXY8tLLKQiYscfTZ7GbUNRapF61zLs_yCJQrEOOb6TTj6bxeshL3VWLWwUxHcWDjkzUU8msGp8yeIVzjHR5jRGxtbLa5ex_39sRj8oUefJ2cSMimaT_sc&sai=AMfl-YR2ZqipkSiXaBBYekaxDon90Z3BV6814OKEMlCjersnjn1ydU29b0ZOUYUsRUYyP4exKJOBRe4hnsr3DlBxnK3OzqoutC81HOYEg33fiN43TSpCH0qj44t16i_INW0&sig=Cg0ArKJSzE7821HRRT82EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 028B 		676 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVnLzg-4PgPm5F-KFd4ho02JJkvTPddujV3QxxxFVB_Ne_p0Wjm2o11ud9oiIVR1LQl7tx9rRVKi2XX8oz61pdsdhaGwR_15OAl0nmjwkfV6s7pDfeQfyHb57gDJpWaLbyV42vHvTmwqLpkxWaBNoSmvDNBTfqeq7k7m9cEEJhLWZvaPFQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
267
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AE12 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APJmRLL6UpCChraZpPLOQqvci57agBnbiV3RF6FTMcomTStgoF-83hn2soIlKWIT8ZZqGHRkcW6YKjnFf0PKsg3ohBQN73mFMeH81ovbvNRN0rxVQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6921150182352372000&x=8&ct=77
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f32b1ec6-ed9a-4284-acf9-2a577f923d1e
beacon-ams3.rubiconproject.com/beacon/d/ Frame AE12 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/f32b1ec6-ed9a-4284-acf9-2a577f923d1e?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B7FCD3D546CD18A235A3E8973062FEA6E5CFA39A21D4BA02E08ED823C0A77116DCE6EE10B0AED6440B8B520C66966856955DD4A22007B6903F261708826A93CE0B1CCDCB62963C87899BDDFEBC55FD3EA08D541AA523D52CABFAC67DA3BB5C5A90569D1D358E36764A482AE6139C41BEEC6CC88F49602A0F54E6FC96756E5E571A070EF10DD1CF1B7DD0FB855508CB4F98D14B64BD0131F51D83EE413F3F698A22E9D011E501FE81C8C98758BEAD5625CCDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B05D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=3436190074934159&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 705F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyPxD54u9sQacPHN68BnmSMds4pzm49m4SMM5uAzDNs9SvXKNDnB7l3Zhs4mU7r5bvp7itOqTrWrV8YIcvXxA-q3_1vd-wsc5CKfZYMT_rO2lGCLWhTmOeRWV5wLQnVC9YfC-_emgqWfuc6q0AinFAcCGzczOSufEWiwtQEsKmPNtFX0dhZZzkpiwAAWu28Y_12LOK8LCgfDHe47CUSeWI6skvcWZ1IR1nSjaqXCEyf3cAG5X2YQJ35o04W3pOnSVEy1MH3XexJdZY2xyCL3T6jgNLExUaRyoJoreujMnSPyAziO-dzcJnEw2XJ3ICijT7RsQTrlCIzm7ANZ7RiiSLOA&sai=AMfl-YR4cZrgA7_BsQ6SpFO5E3R4doR-IHBuX2fALeIkqAtK3xPnhfRbnCz3iISVVjBCIOjrB3LNn_8KiVGJszJlLlV4e_CH-zkzbBJdFNgSuyqIsU0PYYzHXp4H7LkHx1g&sig=Cg0ArKJSzCaf-ye8pr68EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 650B 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNW64PoEl1MvKcPfiYfb0iWcWKjbMc6iE-LzS5icqb_eM-YyagWE-_6nftpSVC7sqxutf4fzZ4g8CpaRj4Mqj-htNABf0De8216O4AcO1q693SuXhlwQC5EyBRxK4jJNfJpom1d8NEG7PY2hxsyySI3fWMq9dCAlKmG3Hx23vOWHFs7Qqd4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 705F 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 705F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrX2rr_1BCtqe1nEnMTPwNGhxwiIreUO8Ij4epFokXrCIq7GDNWYXbgwdkOdUYRReqpCYtAYjTcY2dakHR7fzic6xwhatBYLfBs6v05stem5QUUGk
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 705F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1936102112851512802&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eb65dd96-7312-4936-b486-7333618652d9
beacon-ams3.rubiconproject.com/beacon/d/ Frame 705F 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/eb65dd96-7312-4936-b486-7333618652d9?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B0C510426692A643A2A17AAECCCA7BD91AC5CB96E6A18A5D8072F77DFDB3B0B8B3458198148E51EE1FE5D718BBE08EF1C626D579018467FB2610EA5030D539609AF386182E885AEF716EFE9404F7AE6639ED869C84E2F8FB32B4AF87B1AFE7042577CA919BEE92C5422F6CE09405247B2755418B7361316F14E6FC96756E5E57116BA08600A6001DB5E5730CCAECDE214EA91655068A4C88CD9DE3EE3047A1D155A4D4F0320D58B208AFF016A55529C1ACDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1642 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3204263294086&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1642 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3204263294086&version=m202307240101&ct=76&x=8&cor=4029020945664093000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1642 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DM94TAbyI7nfjN7BhBu7WFhySIMrtDOjFJGBaEkgc8-EIu_si9134zNmv-ybU-E_4KG7PDN5gJZ-d0sJzPpKFBWa5psfgEuYrpPeb51bnN7yPvX1sqa5TF5Z7fT9sutzFlDCrYVbLFOy9Eu0L9L5Y1cHg8Yvlcm-x25f-TgWt1w245824&dbm_d=AKAmf-D7XKJWV7e8xQftQPJ-9UGR6Zbkzt5erowSkjGpF1AQjoOr8MgzclCpmG0MKL0Jih6u0VXvQauLOSxlOKTXA0twelEaOCf5KinopvK5j1j4eeEzzwUSby-63VoMtp5q8emnhYwKmNssbYGGNjmj6-KwmiEUKPuR93pw3uwz3v9EYFHa7xgeNywNjT6h_WsaQSnCbUaheTiiN0Zxamqkv-wqyVRN3tumZmwKqcyV-6zZVEgWRPM39WfOvgig1OBBtqyOoSJZAB3QP0XbKZlwI501tDnjRF72nw_ALWZj46ngbvThj5WgFDDlr7ViCQbRk01p9LyXUdhsNfVjQkYVrFgIAqzmfTT_ARBpgR7Y7awANt4TPrr3f9840aBWbOwiniVOklB41FG4ORA-niQjJ4F-mIG3n2V5ZInTCdMNZY19Uj3bFQlUuVN37vrqLtoeloPohyvrUxIQTHiWuF4yTnZIeYD7l7ldDLyJEwH10Ta1v_B9u2Ef_SJMMKOpp_CWJfbsdbtqu-k-lBgOwpUZwlK6q7h_7XGI-hx2yWviDpqrraf_stNQy6MKsvlWitC4fE_0HMB6ESbvzftRB76-GYweHPH02WeS7rWUJCJ9OkArBdVgGgnc0EgQuRksWcRG24ZxvXvq6nHgkblVHXLDQfiaI2ULAYYaIMEjEB5OBOE0uifYkgPTgfDI9X38l4ZV9nuKr4ZYiFtHgffkgVAxPzsnaQ4DMRFDzc6oPhx5wCd2_MXzVaiTJZIb0G6YLWeqGwDdjJAwRjHFLWvxltzX5VYX0OK3GJY4FLr2owNMITRFjbMGZDLbdSGq_1-e9AhqCCTciizXFTlBrDjfup6Oy_GsXIPIkO5oYAk9nEEVsNd_9Qdu41DD9W3SHk0CKA6qtEpM71bplmoOgFrWQRi93fezQRqtoFZ8N52qjT_xZuaH-eLuaAyqXWQRVrMAzEugNbN7_nHufEJ5H0BKvvbWgqKu0pMRqtPmQ0JsSwP2WBMq07ufuk-dRyv2HMA1FKmSv6xjY58uQDjriOuxNoS_3NQuE1bnQeOUZHADkApkrJ9aumGvZDTMWt5DewLrREXW_PwhfpE9b6ZXE_o-gUo5wAheUzb45vSdyDD6fVLMrQjF9pXfGHLSC7ZHaUbD0saYzrzIk1SDmgHGH8UAJKNHT3znzV1AFNgu-DZKvua_JgU-gMB5w8Tgr2fMrckwlLUwprCjfjZTttiRdRcFzqkjHL8JQaOKUG4OmHf-cigOHHzMrwdaXHWiO4a71IVxzAJZT8Effkmoa05FHp0cw8vUHpvi4vGkSmAWAPW0z6ajxlqfaHn6NMouwO9h6XRALyKOysmg-AoIw41PGKy59JGbqjesOTCYNckEoyDFITy-CGEUZaxVzxC9bVBfNbk1rj91L6SwQBNISptK2u3ASVW3fu5NyRiDkl3TuO5rXlk0guDXf2qwa_xmz1bUrtsiKCKk4IATVfgU_bhp8MK-jh3yimwZhuNT_duMTpi1mqWtlyzGTJKaEh4_uJg9DJjuLhBRNfqxNUG9g0w63y9N3Yo9CU1S7ZD9JzegywKgSB0aXqX-Y9qG7TcxT9RSbucFUkopdNgMv-ETMoPAWd5vHtwPtYbczFs_XtW5m6GyinHBSpFMysfP1j-UeT0sBk-QzR4IfForK8mQdwlfdx7mutQdrenD4jR4Ol_5vRsiK9UhDxZhcWK5H1elhGJNsbCwJqHsX1sDsVmHZKF4zKbApvx8eoCekiXiabLH8gLoGGd0DiyH-PG44zZ0yrI8qg3lw0vFKz2smgiauUwrFkCgGDNbBBKQYsriLG3mLzk2xCXYO1xdTweGkEYcK9bjw1Y5DuV03IBptP6Z7nzI-AMyollWti4lv7apNSud1VLGGbtWSCa-5AXno2CUERL_dueR8vBvA2_-aYVzuUDfXP26qNhmMoFepiplI4pdB-nn2C0pdwnOH1vjhwrugcJKN3Cuq0kmZ1eFXS-H7CAR42zigGL8M2hX1fKFwA22d_wubD_N_YvaHho4y3ABBmEA1DjbJl-9p_Oal_0ysjZFJoXF8I6d18J2kyRUZrkamiI2skfqOFxtq9_SadRobV2btpuuUNQryykbbRqmlvmbS9StiQU2Dk5agPcIry6Tbk29gICAvbrEvfJ-eQ4U1YM31bUlAvIf9g8EUibgw8nN6L0Yz0_F5sRFDUQv6nagNNeOWS7f9Nq6QGfj_JAA1uDa6GjAePbrnOdZYDNYWOCKwS191Z9bQcjpvjBKvJjbSH5sAGMB__n21dkik5QvbT-J_zi2wfR4j2zADC2-jKDn8A_1YphWQCg832B1SYBkKj27QJGR1QxDFSb4x6l8mKozREeaGDvK0laL3qDF3gTXa5HJtB3Cuc5feYVgMF0bAtHrjWfqEC93irAAUbuxx8krwPYhIA24Q-KoQA02pTmsTbNpbjVRhYrdVM9j04AVt3OokDOx-Tow8BNEa8ipIq_4cWEYdEIcEyrE9iFO32gqZJXSN4inkTWxKxGrjvB6qoouSgmBS0ENMSgcZJswSC7-p9awB_4O2lhbprpVBTdw2rrIdQzuu_tnrr_bc3wjH210GVijAIdAvM0_i_8zLczsEPDgVC6ttE2vBuXja5-Mnmei4tae4ghTiWldiBvJ4sjMOqo-zhh5bRg924IvK8TI1kQ9TxjmQkDs2fvsQEckIKRhNxykRIkdFfH9RNWAwsZ5uIumvNczsDEHalab2dwpZsHop2NfsR1iNWv84HL5efFTatt_sZGKCRIBI_uxGAfWD756PPdlK5yX8ZTTCS9_S10lX4hxIug9qn7Xg8G95bdHa4f3G6y394uLgMgNFcWCHtI5cI1AEogzzs6pl36zH8oyBQizxytOItlPhKTPUVusgTnMOX75MEJIlMsizWRzIMGDqET6GoRIGhy04NA8Lu6U00hVSL-ab5b-B59Bu21iSwkslby0Qi5E85qcrFA8g8vleR20iZsgcKmt5BOhI3CnDUc3Eb3ec7vW4JUZDbsjVIwdYD09-0PbmYxodvok_CuwwKi5mwJH54uBV6lfsmUSqkKAoGbM9KUSzd6VumNDjyOjzO9BMDVcAQrDZc0eX2IrjjcOPRnbR2T9F0iwgk_dpKjxHxM2LygiLxwFdKnseVGOzU2DJmMYlaixvJ6x3d-4AjRaLbgy1VOuPbUbEIPMhQ659SzMV7W7pv_qaIeYYHQRYd7MKjiAiWGkVvCTboqY6NOOZzC0evEDTjb_qH5lGwkGn_4uQl56GFYm8BYUwD7uzm0naoLSJBm6yEToV09q2GNqWXYXAt6SZ0U4nfP6nYIhRwcC0VzuiGSXGVNMj7rOVcI_RD1u_cezR6H0P31OpWPJvrigYScoSpatUUeFgDSi61ANVmWkHckl0sanG8ZOf57CdRX8_688J5R0wDrSrJpA3ke-4W-jAbASIzpvxujoUucBx0DpkESwDSid3_uDkgljFMsY50QC55-wZzpQNoFrXNY1B2ymD9ZL0Y6nx7zS73jayV8a4Z2JVYyWRbKqtcgzZNa2pnasPKXssEczUyyTrt-1d4X3wdkk17OI3RUHLimM9iBiAokxyxJUidxFc22L8x8nZ8crLD005B9AOo1QqOpaZ1spJR_mj9YAdV3zrXNJcmQPW10vGVQy-WTWhWRpdzUFXuxCg55Qis0whI0EV9P4oCmtQlzoZVIwMdSR0btDgH8w&pr=8%3AF7FCD69435F0D2E5&cid=CAQSMgBpAlJWN4fNLedGm0SygMEnreF6DyTESqTK_ciiAYf2_2r7K09HDORcARy1-Oj5L9zxGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=4029020945664093000&adk=351943896&idt=145&cac=0&dtd=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d31db79234197a5e925728ea0eb459bcab5a366de35cff33e9a0390cbb85b21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame A07D 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jePDnqCfblVoiJzhU7vSyv
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b167b62dbb74ddbda9c011bbcf4d009ad09731d8aa2f667b044c5f98259273cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A07D 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54803
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 04:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame A07D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame A07D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A07D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame 3D71 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:55 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame A07D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz0C-yMn4KXiIkxmdHs67-tbkvXzrJxrenu54YI1xEMtNYu8YGk-9zO2IP1ct-i-L73xNPW9A05xY0e-36lyQoKd5lqy9_T3TJ__q2mkqwahVlQLcLX9P9XzTb9SNBZa-fXHotHu8H12EcH2D8XiSyLk4KebyzTcMFOZ4bXzr6XLW41Zzizo3grDhEW-yXOZUW9gRxoHoU-5FpR0bqZ38cD6_YC_64dAs3LotXJ8ECXAk46R1mewQMPqNlPYJwPvhnqph_2N_6mUN3KeVMJ-TQrBHlYdy3IEZjV1rn4YuM7Ju21qfLQj7bewtGON9TMAcsGbDG_kOEvEW_ZcB-bbS6eJEa&sai=AMfl-YSLGQhSVwEvaA17uz4RLL_7AWkZ4eLY2XvlKrzCPWUneNcWq5rmVJPLBI43d-ta_L4xkLNDEL25H62Hj98QmrjHiuVC0XRMNnJic3jhwlv8IKD87Uftdm3gJBfzXfg&sig=Cg0ArKJSzM9UZXD0TqjrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:55 GMT
truncated
/ Frame A07D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30132134195b671439e4291a9a94bcd5a6b560110bb2437960f9958a86e37df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9576 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6741783178147&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9576 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6741783178147&version=m202307240101&ct=76&x=8&cor=10526078154435510000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9576 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuoJtKrc6uW6-S3LJ7CGFLNtBeF44ePL3UbdcZz38INbI9WIzEQ4UMDjpX_SOthKL01FFVaQLxvav_B0M8W785WrFg7Z3StXsSEXFy4G4HYL1eehpqy0ZoY4IZ7O_25TdC9VX2MU4eLyIxSE4C3eDvLfzxcSfkSBbdcX7JtGNBcP6wGco&dbm_d=AKAmf-BU3KVyc4DiSkNmQ6vHekM3ybgHRSD_ChQFOyedaE3vCLRXBNFTQOy4-9s2WzE5VAEvnobq6s3ZGxGNohmp7SR6U0j2uXBOpOU7xRoK0mHUMiRSiVooHzkxrYWvWacTKnp1DNTt47XSYWQ7321IvMs5hzwrqmCHqvTan5BjBoCsCGycBut5ejFh5tH7EHGelVh9gtlUWghDqL4Kc0PguPGiVQfnRMyxuHcetvM3FWxfgJuT2ocO7RAb2h0zwVGWX06obGQyD7xZsNCLp_XTwTyQaav4ZKN3U2Duxza44cTfcsdVhLcqaJANqehNJR56ayLXCFUtNPbkWFcc3wNi7sVBfxqTR4wqYHEjUmZs91vu5kQh5WHdbMPlBf_AdfIPvTufTN4PXmLlXQbRk7Qvsz67L-hTd9aq-aPV6tjTwxEi8oTlZku7liSnvyN5OrvPdwS8RSdpiorchPjAZ38y6s8LBb1QB8jOZZKw1_jevScfaedWmLB4T2O0Q_7jJD7nhIICbQrKxAD2S0vlHyusZkrPm2PLYPruSM4wdil_e4EFrdHQIo0fnYqh4Z15b4KpZMlz57vt4NYD2BBvloir25l1LBDgsI2koVNntcq2dpB-SYyD5mgn3q64xI1HbdI7oyBfYPyRycRZeq4p_AhD4-jvMxyuP9xOqgQWAEni7rKzx9DQ3Ug3jEX39P_ANbiCBAgqU74yHvgCSvRx56lFaU1eUpZF1UhvErCSjAFmGDGR2dKBp62v9iYFYpz3p7g7rzFEjEhb6iRNpf-99M2xqa4c0BfcGAYefK4XC18vFj5rl_l6317wiXzHDztN71rBwIUIzWWtnSJbC2oZPirtXqNNS8RTg_0n4LT_LL5xPK28ROwtN6fbygyyy0Fuvw0I3XZ5UrAbwGgSCg3ze2RFJyiJ6PYVQb3_OD00gwsZ6ZY5g2tDh1aFXXbQJZrG0LFfbUvKNvA6M6wdICNQpobojG2xKfSSsH2gzxuCBwlxWbTzrMckRqrHF1LedsVc_d5b-yR9qxjJmm5OnTfk1_hBpqjc8tbL_Of5H9TSb8qBv6qOButh0Sb3drC_f39xv5ADeFBI4FxuyyQ0UZM1XZZb3p0LnzzEoz9Y2U2szLna0VAv0ReaprICVYIO32MY0m-O_FMKW0qizhLacBjgyYV7ictc98jW3hEH_fRGN1TW2Zj7Och8UQb2ptc3eP_IrrucLphbkh0P7wGXg9dvPk8Y2DfClGJLZaMGNF6xvXRRMTO9CNViZ2riNNSqh6hxPz6xoJNQkiurGGqepAiTbxpy5cQYQd7Hx5al4dbZYcZPabq6HnOkZ_geZmcAXX8BeSuMie_EvmAkLSxhN4XS04bDj9kFWe2KFIQRxy4GYteGLnLXiu4I1PG_kjW96YUXoKe3dLIDkog3TeFaMXbb2Svn1JinCMckSkhI1hXvhX8CKeoQEFDTr2uOIxJH6uC6yfIKdkyoFZMfifyOb9W-PXTAfk7DESw29bYSnfplcE9PfVGCuZ8fADwdFDXHNtmbWP2l7qm9yUqdGPCCCjEOCyGupCFLXj-JOf9MGuvWkeR3DlHbujfwwkaAzp3A2lfiFkUVAPuQG2RbS5qdAxcPA5rpAQfDr9I0pwVitgLs7jUD8AVKCDZ7flU5s5PB-dw33lisVymF9U5y9DFaDPWkx4U_wJ5JiR_qZxD1PdehdyTNekAwz_xLdLDh41dzLya-l3gv7i6WxzKUeEuA9wrdU3Q2mj2DNKt-3NTW-0wp1Y-RYO0qV_Pb867fahhF8eFrN9CPYwLgcWzFnGFITNZjEFmCDLl5J841Xc579rXoI7f8pY968noVkbSk7ooLlHXBvxncSv6llb8-WEv69cvKRy6MvW_5hulCdzLfUMGStKS2XfeREkfEK5JTYH1kV2B8Y1Ap8A5xjrv28TdsXa24Wa-vkZ8oR52un16o-1eIhGlX4OR37l5FD-o4US7-eSm5UEBpTofkNFs2643uQ_XQ-r5lfmd8gSx1QNk_IFogklqdai2Bi4FSf0Xsia1q5vO3OYqnw5gccDXY-Hoxvh0GjvAJ-YbtvFe3pg777aDPMkqrn-COfGDTugSD06r1SZ2Pc59PvZgDrDnsoVZnabxiA6d7mQPhkdjtnU6B-4UtU3UUWkbXhgfI60gmy0CXHmWALNVOt_8TCPJ6QySKQZY1hZrm_IRxr79xLBbvQGxyOmRU8H-6bjz9gTnZutfHV-R4-dBy0RH_-RSaUJjnvOPQm7E8GldrHG9mw25FDM7MX4HeEYkpkLi-U-VYsrGoCiNksLLHNSd5Z5te97BaTIeSFK2ZSow8ufI005jCkI0O6N80dzmiPv5wpMrYw5QnRW6RLkPgf8CUSg-asOXzjCPAIRGlhWqj6zFEz6WcjUVNs0OPrxy9HCH98MkQDTxyDfjyr3oZLvP4I4WR0-MFAGHu8R5fL_OKxPfI4XasVdSu039oLECJMf-FjxcQIWIzHIHAmUNtbrHSZ_4U0b3Py1YBFnjXcLknBX9eCCoZJwm_UzWfl-M02DS4Bz1ADqG7_CqHTgNU5Ga5iuLov3c2aLncXPUvtIu2xzwgNiwR5o3JAM4GiSStpcuV6byS7MdKT26jzQiQ5M_7NC6I7X1XCZnm8KOCOn8hOllbSzdgODfEboJXsZAv8flAG6Ht-Sq4Ma8JmsEGOdyPPTM4ORTIuM-nMp-LM4S-bS4FTDwIBgSz3_ZSUe0D25cFzm05_99nQ80ZOmNPp5mz_9Q2-_I0eG4Fa8vxELNGeEg4iOdnFk_COOSeNOnk0uBkrIzpMQEC3lT9zjQAVSH-VT9WZW03GUotDhqULXGSESqtPM6J8DB6kIob3aP0fP6a5mTIAIg5_rlcOBcaEDJuMVjyJ6A8TiPTPe7DSXLmxEgBsEq9l7xIPeHmqmYIfaY1HKTyWEkKPCwoRMGGN_X-iFpWkE9eae7OsTcURyfwm1Ln-q7G7gmdHXvnlFIQiJZPO3oHygPJbFsFcQaQ26G7t7BKdFWZ-r-NuIYQwv4eq_McyxHc2g1zmLrmFzakImDCrlAT4ikjvBLzUlOJ9hO_e4zXqN_IrSrh2YwMzgwDX8VBq7VYCuUFSy804sx0YyGTktK1epdmvLT1pv_5hkVf4dC9RUJgHRrR80_w-VnkccikIHgG1wTX2XeNiuHVJVNCQFHccirBBalULeRCaNCrcZVrJDp8X7YCFWfIbSHeMOr4dEuI673BzaShy4gkc1AFWDpRZXdTgA-wKufwLhWRR6Ab6zD0ZHRYuvejtqpy5gucZggSgxu2Lee_HsIHofFdbmwT7zGnB5_Qkei5KgNIuDdFc4ss1FRdxKpJIGbCG5gO7C-8H7k4GskrnbyzRktqt51imLMU_5u07KdMGpkEyJ3xS9EtKTy3bbd8hxCf5wwoWeo9hw-q10edP6b1vmkFMiHcGwjV8I0b8ldY77NOFBZwjnzHE6A0c_sDRAdWGwDIltC067e2-1OufTNcheCVmvTjYYO_zaLShYjukvJg-a76kLJfVxP-vsJk99rOVTC12a7fqBdDuaK-J6Vqr5LBtR9EnLli5k454BmUHw24P6KjrKQvPlRdYI_CNCWRL2n9ruLCRKcMc0G8oEcLPPqmKgVQaQdFlh8FBQ4RWqAGXXrQWkYAR0jEf3k67NFfg_5w2bNUn5v8lafgeS5daJif9Zs-rC4XRWqSgIPVqPVZqvck&pr=8%3AF7FCD69435F0D2E5&cid=CAQSMgBpAlJWIcVxngbavjUo3rztTqW-8uGGAzT55ll8ImJJrrYenv3rT_fySP5AngkwgACMGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=10526078154435510000&adk=1432302006&idt=119&cac=0&dtd=7
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34775b6f7a6cea3ac3dd0e3865415286c47e7e9151b6109ba6cd140d17afd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41135
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=2377338040545351&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216295116&lmt=1692209095&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=z1igvt8kezg2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5%2CAOrYGsn6sAOYI5Am5iEVHDz0s2JTzzZCkAa-5u2EQ4YVjhpq7MsegXjga4FZtp2ETEOG2z7mEfoBzIcUVS4H8me-7Z7wrfw3%2CAOrYGsk7WUeBkg9onGhRZbcr6d4QQA8gee2Z3pnGP6OUiz0SJeiV2MqwvYqJ7lOPOa7POlpOfWfuKkOZd14AzQiQMA0J_2S_&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=3791825238
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5958b5f9c8734b3867127596525521cd590d2f7d0a703736e3b6ec264f91a36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11644
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346166
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9889
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXl5SAjhae7XDOCRJElBrNKN75R1-kXFmqwZfqq_QaJ5Dt4oGs7IScmNBTy8LYLFJZXzD-5IXlDPRdZVNvKgoa-NvE1Rka_LZZXXnvMLj-4-uSXDTMfgE8wyuc_0T9CVM5mfJg9OHoknJqM_mgIg8EDPoBUOTrzh1DfQlA57FRt78jzIJA
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:04:55 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9889 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXl5SAjhae7XDOCRJElBrNKN75R1-kXFmqwZfqq_QaJ5Dt4oGs7IScmNBTy8LYLFJZXzD-5IXlDPRdZVNvKgoa-NvE1Rka_LZZXXnvMLj-4-uSXDTMfgE8wyuc_0T9CVM5mfJg9OHoknJqM_mgIg8EDPoBUOTrzh1DfQlA57FRt78jzIJA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 16 Aug 2023 20:04:53 GMT
content-length
0
content-type
text/html; charset=UTF-8
um
sync.teads.tv/ Frame 9889
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXl5SAjhae7XDOCRJElBrNKN75R1-kXFmqwZfqq_QaJ5Dt4oGs7IScmNBTy8LYLFJZXzD-5IXlDPRdZVNvKgoa-NvE1Rka_LZZXXnvMLj-4-uSXDTMfgE8wyuc_0T9CVM5mfJg9OHoknJqM_mgIg8EDPoBUOTrzh1DfQlA57FRt78jzIJA
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 20:04:56 GMT
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9889 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNXl5SAjhae7XDOCRJElBrNKN75R1-kXFmqwZfqq_QaJ5Dt4oGs7IScmNBTy8LYLFJZXzD-5IXlDPRdZVNvKgoa-NvE1Rka_LZZXXnvMLj-4-uSXDTMfgE8wyuc_0T9CVM5mfJg9OHoknJqM_mgIg8EDPoBUOTrzh1DfQlA57FRt78jzIJA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 20:04:55 GMT
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 23EE 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
knvqx8NlS9ZZ7E76QeVLZ0beksoyFH3zOsXgUkuvBWYGcoRQj6tfjQ==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 23EE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bb8885ba2099f12232c2fab485e17e50152b918a9afc080d81165b94cd8f9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7896
x-xss-protection
0
server
cafe
etag
13164878317572742196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 23EE 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame D7F7 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
D9OHGOBC0LvzXMICSNyGFBQTTMQylqP1oJtLb9pRsvghF-JExwjv_Q==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D7F7 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 028B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVnLzg-4PgPm5F-KFd4ho02JJkvTPddujV3QxxxFVB_Ne_p0Wjm2o11ud9oiIVR1LQl7tx9rRVKi2XX8oz61pdsdhaGwR_15OAl0nmjwkfV6s7pDfeQfyHb57gDJpWaLbyV42vHvTmwqLpkxWaBNoSmvDNBTfqeq7k7m9cEEJhLWZvaPFQ
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:04:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 028B 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVnLzg-4PgPm5F-KFd4ho02JJkvTPddujV3QxxxFVB_Ne_p0Wjm2o11ud9oiIVR1LQl7tx9rRVKi2XX8oz61pdsdhaGwR_15OAl0nmjwkfV6s7pDfeQfyHb57gDJpWaLbyV42vHvTmwqLpkxWaBNoSmvDNBTfqeq7k7m9cEEJhLWZvaPFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 16 Aug 2023 20:04:55 GMT
content-length
0
content-type
text/html; charset=UTF-8
um
sync.teads.tv/ Frame 028B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVnLzg-4PgPm5F-KFd4ho02JJkvTPddujV3QxxxFVB_Ne_p0Wjm2o11ud9oiIVR1LQl7tx9rRVKi2XX8oz61pdsdhaGwR_15OAl0nmjwkfV6s7pDfeQfyHb57gDJpWaLbyV42vHvTmwqLpkxWaBNoSmvDNBTfqeq7k7m9cEEJhLWZvaPFQ
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 20:04:56 GMT
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPY3c4xjBuyqUasMlKtO4Io&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 028B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVnLzg-4PgPm5F-KFd4ho02JJkvTPddujV3QxxxFVB_Ne_p0Wjm2o11ud9oiIVR1LQl7tx9rRVKi2XX8oz61pdsdhaGwR_15OAl0nmjwkfV6s7pDfeQfyHb57gDJpWaLbyV42vHvTmwqLpkxWaBNoSmvDNBTfqeq7k7m9cEEJhLWZvaPFQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 20:04:56 GMT
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
g_pbto
1x1.a-mo.net/hbx/ Frame E114 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1692216295301&eid=17397fc961d6b941
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.245.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-245-178.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=3707565714216261&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216295304&lmt=1692209095&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=s1dj4ko2wwl7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5%2CAOrYGsn6sAOYI5Am5iEVHDz0s2JTzzZCkAa-5u2EQ4YVjhpq7MsegXjga4FZtp2ETEOG2z7mEfoBzIcUVS4H8me-7Z7wrfw3%2CAOrYGsk7WUeBkg9onGhRZbcr6d4QQA8gee2Z3pnGP6OUiz0SJeiV2MqwvYqJ7lOPOa7POlpOfWfuKkOZd14AzQiQMA0J_2S_%2CAOrYGskayGCN7WymX7f5PmCJJVCF5v0eX5B3l1QmZJ4_Iz4ix9GvZf76YhTsDqH85hluhakKzZa7vSXS-OpzcrQcJpvETOGy&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=2678559298
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
843bce14591e41e76ebbdbd115acbb85f32c650ac1180afb8a4055a4b1ed6bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346226
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame E114 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1692216295309&eid=174e5674124aefdd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.245.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-245-178.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=3848091377945141&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216295312&lmt=1692209095&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=thvofwmq8149&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=AOrYGsmXT5l-xmho63l4C8vIoOkwFGi7m_w09KmMnooutMHwr_Lsy9sU1AoiBQwwf_RvKMskxHIbDxjz4qJqd3Y4_zkB4ll5%2CAOrYGsn6sAOYI5Am5iEVHDz0s2JTzzZCkAa-5u2EQ4YVjhpq7MsegXjga4FZtp2ETEOG2z7mEfoBzIcUVS4H8me-7Z7wrfw3%2CAOrYGsk7WUeBkg9onGhRZbcr6d4QQA8gee2Z3pnGP6OUiz0SJeiV2MqwvYqJ7lOPOa7POlpOfWfuKkOZd14AzQiQMA0J_2S_%2CAOrYGskayGCN7WymX7f5PmCJJVCF5v0eX5B3l1QmZJ4_Iz4ix9GvZf76YhTsDqH85hluhakKzZa7vSXS-OpzcrQcJpvETOGy&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=3518033837
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b66212744b8ee3141c7499e7e0dbcdcaaffef31e328c65b04ca7cd2d5cab5cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11634
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346214
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10F2 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7892774680340&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10F2 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7892774680340&version=m202307240101&ct=76&x=8&cor=17924925679700402000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 10F2 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEQks2M-u3vLV8aNDLIuP0ZdMzEw9hhHFx0uc-tL5LvGbKExE5mZWkvfpx0EjmQngXR1eE3nXnpfbkgX7Qln_J3RBlow2SrjbKaer5jvq3Fkn7tnAICuaJ7lL3S9jMf2NfKicouyaEMV5hhWrM19Jov5Ur0bvfIshSHxJzRBILSQJ5VTE&dbm_d=AKAmf-CuX365ot7PYm3_7pEIJ_51uq68d8asYuscc1ZBiknLi0N3laIFpAnbnQLk2itBThyYT6WwrXRVT-NYSKLlw_N5JpiMS4FnuqMLpgj9LRvj97gxFZgJzWxLgaQRnQ1eQj8aB1TE-LcUlXygsHnYYE__nrCC_t7hnklpoq1cp1Wgpj3wG130xthSzhCh7oKrAR_-7A53_UYLZIqqACWfosUpH7KLxmlNtE3kSu9PJynBSIRkJ_7jbbyvwo9K0KnbWeJYEX1n0-23l-fqNV0EjHpGHVA0DR64CKoO8i-jr816V1mDH3bmXhejRTnB3nMlLuo1P5vXuwoVxdX_s56VGZw784L2aCZ8LIYvJaz8SMyj1gAjfnXMSSLVqra580Tdnl-ZSc4cd9itM4TlnKPQ7SZr0_TzCdy5ltraYStUqpGWEc7DMpDNJx5xLOUSyrhtf-54sWHzmWDRY_lPZJD-XRn7Si9imX1vB174WJI1fzwSxck9UA9IDV6gTFP_xIaiHi6FdglhXulWqYR7ZF2RV9ZvA-1tmQZUnCfGCFYnxO15aDPgW9z4CubWf_ACPmmGopSjLz_1QmLR-Ph6DAhJJHuzXHq1qoqema4E5QRjesC_d26mtr9-ureSWbJhaH4Q3yr8xDOx6kHhRMiGgs0w1cfRvKV-t7Ze03Rq9es9BN1J4XWIsEy-_BgNCKaIh9bZY0S_NBQcbRnyca47CqMaeyPFg80zTfq8malOpYuz4YhNDrVeRAiJ45Nv5Zvl4xtVoCVzw-H7s1Yj1FBMA03ZhMtQpEA2FfBjvrp4ksdsYf-jjve8HLUxqc2wEV0-FPX7hHZTYseDnegLT8hDKcHH9Hnr12o2uTqZWViBT2CP23VEtYWiBT8dogjNVP_oEFbVm1rxuxqxtIG1WHetypgjfjU7bgbgpgj9jwvIQf9D82_OXITZABHVX9J0Oo4xIGIqu13n9VIEIr9tEfHK0Pid4QEmdbZM_CPJ1o33b3JdZU4doIFXBzrp4V7RyULuhanToWg_r_Lls5eF_dkWLNmH4YbmB7DJAvw7TR5jGK5B1l4SoMQEB9DJhCVlvhGSTj6aY30T-czaZTFam6klgEkikNkpczi3QvMrSeQ96iWgtWtp5Ck5XQDkEYrWMIUmZfdG3CY9jnwXY8tydTdQ93MgwLn7lh7O1ZQnIMZ1pxAxtSfhjip8Ml6I0g4Kc2SBRoCkFRtSpsM4kOGzQPU3Yu49G9nKD6WVwbYI-EuXSxxaGn273wh2uxImTOTY5milC0BOxGw609Acg6acL6K0lU47oSYLy-9d_xvW0vMJAA5hgSWd-ZdC17jeXStqwc76oZOVHns8j9AGY9q4mw72kecw-bDo1EBoPKmulgAdMwGM31_bgoeMzkkEwF0_mlci8B70bHlRlF42IQzZYPuNHNY2mxgm3r5c2jSSdUJ7aNyFXMfI1JJKUg8ncPOm4saPdq7h7Ep3C4PCiuA4tNCzqAYAqzC_m7c3GmFhbi0Bd8jIKcbhaUK3hQe1GQfKu6nSg-4AX2iLgotnavbMcRIRmvMzy6yU3Sy-t7M-1gS4lbjcrAAoIkrU2gt8FefzIhRbhraynTTHkEK2MsX_CkI3-FpAcg066n2eX4KMFHzw6Vt7qDU4HnRgRvwB_OrmVISLUiCT0LzWugaG1Cy45VQyeYUgJyZ528MZYiihgcj88opy6RUQHs6IUI1PkXeiZUbFtYWkE7oJhSReXAhTzpEC2PZyiYBvCuY0fBkLfXtQ5ZW7dP4ALdfCszSSSemEwv3Z7MQsPn4U0mELWtka6pj47sSruvLfuq74IYAyyRhwz8_NkNSqLnuUiKugBjIslRj2MlGsed1Cim6MX5hJmOeBOhBAXb-D0Jo4-905-raO5hm2oqfhgOX6LUo325Haq73hd6S3oMh4Z0m2DQdDCTSrMSXxIB5F9XjC1JxtJHwuKLTgxDwWjXMUggiBYmBdaNVebsYGU5t6cRBhJi0rzL9v4OWlg0aRlLGlKEBijLPpoEelRK1EC18E6ZoyynvvF2tGhPlFKLI8-Ck41LgxWFzeonUHGFcg3UEBNHlR6kMkHIs4-oVacsSUaN6KwuXCTCFJi7W5BilK7HHiWcSnEj8B_7mm7z1vitNm3RdYt1yd-UAfyG0tSXrUXUluxN5UJ4qYmbzvxfknlEDF0SSV6Ru_BH9MxE179F_uv5iLFymwXujbwtuKuNX-5OUEl_YD_MEoBIjVK55B8AcRa4W5hxzkAzqHmWPfD9ZMmgJCL4n1PzTtowYKdNzLkgqX63x4dSbpHL7jf7ad49OBPY_gHjI0NTE3TjiLMg4y1mJ92QRR2i_UKXYY_dP4BGrKStV7Kg51TuERfLxONLOvS9kOYs2fCXEIQvUKPH7coxTKe4PTo8BGzO57KgsyZaQLvwe1U4dY_3BNQSVl0n7CpkiZDrfdBYPAkhq9y1czeC92481RZVM6cPr5sh71NTl9ukzmNM_YGbK2vREEfDW39qSpq7yYG6KGtfsu6V23KU2vcxnMlR5CR3Lf2mg-8cbyR-JNGpjzRgIdaiKPcxmGcDs2RG1Zkkm3RaqQhNRGFtW8DsZK-dsH-imKzfbztzXArOo0gGD2CI_1O9bcPvlFzqU3XP0j3ASSSAF8XTgvQhj9MZNb3JhF8zWRFPAXDCaW2C8il17hdUqzoOzh42a2ipzkwc9xMtlqXSYciP53bort_l6eX4jQ65zlvF6jKneRknps2IwT0a4sAiTvsDfEQvjMj17xXMKVmba_ALOakw0R6XSBgSrG6ZY0MVQoywra0Qtswex4iLiLlOw1Hm_Gocdzz8D5JdM3jxbMchodNkhEiY09YKIXxk55ECaqY06mxV4ybC5ZKklb5brWF7LzUMRKKsoclrVm0Vv_AUb8rYsVF6RfH8Nulr_J8XJUSBYemmEU4cN2GpJoTXsTnxYeYkuRDKvrtkfrfqSNgs7lKh5JDuNbD3dZEHbMTxotAxUG3HnBillVbnLOKokipv0Z0IdX9NNDsiY318jeXhcXVP3AWkJ5B1W2qQP_uEm6n82keDViP5IT86_d0ZFb-1qBVaemn_bq_gNszE5rKZtaitfbz9MQ7-JxdF3j6B---UJ1W2SQuch0NidfwbcUI56ze59bdIgmzH3L1viFCbkNtlL-wNdB-mPUPxkxW90X7gpbT72DFmeh-AlvjbC2G-4VFCXqHTEuXh5WqeBw6V1MgRhlVlnOq3P7zJUIIb3dSgx9zKD2Q52bRjdg31eMAfY4UHiRipSp5we7gPgZOsy3aFLhIbMUqG9d_qRrh6KX17suMLvZ_0v0V8lpA3AWPj3WSr9kxD4hTxllUmFOs59CW8UVJMFB2ifBNFXrxLxQVM7DngI2XDlIKYVvnT3VxSAmcW6wUIcNWeBumW_wha7S6GLfJr9vJceZ4YxmpF7DldLEJwfbJWZQXVTkDkkkIXUJv3oa-KaFErjdAxV2Rz1QF5S1WbeToKBvbFXA7CYEcSFG_W6E6zyccEMEmbcJ3OliuA18gcxoot_1SR0_ffpJiqFsdDsAY-NeeSq9n7bJGN7n2mGlWv527riBk2_PN5igUlaSiUYWVPm7t6gUwOjky9VYbXZcyFqeCpe14Sxw3TwLRAifNm1OTMGe8nVCQvuBFuanTIj-X4_mUxQShTSTE_uXpFN786BIFphjuXXmdV_o7pT6u-1ojXgjoTxD0yIA&pr=8%3AF7FCD69435F0D2E5&cid=CAQSMgBpAlJWJVDyL8IjjTOm5lL951PfRV4tXWKrLiKWm4M1oQqvcfegvc2K0YeYkZp09jTtGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=17924925679700402000&adk=2591044956&idt=176&cac=0&dtd=3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5800f6df071aa5711053e98fbe1e2b2cab668ffa3a98153ec95f3ebf3187475e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41120
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 650B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGm1asyBg4o8P9jpJaB-v40&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 650B 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 650B 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNW64PoEl1MvKcPfiYfb0iWcWKjbMc6iE-LzS5icqb_eM-YyagWE-_6nftpSVC7sqxutf4fzZ4g8CpaRj4Mqj-htNABf0De8216O4AcO1q693SuXhlwQC5EyBRxK4jJNfJpom1d8NEG7PY2hxsyySI3fWMq9dCAlKmG3Hx23vOWHFs7Qqd4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
event.png
tpsc-ew1.doubleverify.com/ Frame 4824 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=9d87e7c5d16243a886811e65b48a2da1&flavor=0&gdpr=&gdpr_consent=&ee_dp_adlst=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_asmm=1&vdur=154&eoid=16&te_exec=0&msrjs=4496&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274240&tagsrv=1&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=59&tetms=8&msltms=17&vltms=154&sei=290&vetms=107&tuviims=374&tuviems=635&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ee_dp_tmads=2811&ismms=121&isumms=120&nvr=6&elmtp=1&isbxdms=2517&b0=100&b11=2412&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2512&sftb=2512&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1583&isuiabvms=1583&ispmxpms=1583&engalms=119&dvp_dpr=1&vstsz=4443&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3692&cbust=1692216295358176
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4496.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 16 Aug 2023 20:04:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
08/15/2023 20:04:55
ixmatch.html
js-sec.indexww.com/um/ Frame 31AA 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f7c4a064d459a0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 20:04:55 GMT
expires
Thu, 17 Aug 2023 00:04:55 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame F84A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 16 Aug 2023 20:04:54 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 3BD6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:55 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame 1F20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B97E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=146942
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 16 Aug 2023 20:04:55 GMT
expires
Fri, 18 Aug 2023 12:53:57 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/ Frame C34C
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814030
49 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814030
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814030
Date
Wed, 16 Aug 2023 20:04:55 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame C34C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
49 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT, Wed, 16 Aug 2023 20:04:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C34C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtset
bh.contextweb.com/bh/ Frame C34C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=c14373ec-ae23-4234-b48c-ba66107dcd1b&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=cDdGR1VJUDl6T3lpV1dIM1h4Qkxhdw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-clmxg
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame C34C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=sonobi
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8117099621253661539&ssp=sonobi
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=8117099621253661539&ssp=sonobi
Protocol
H2
Server
3.65.183.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-183-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=8117099621253661539&ssp=sonobi
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 727F 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
663e6c692ac6f3b276dc3215dbacffece42dcb3becb129cb8c19b8655492338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128222
x-xss-protection
0
server
cafe
etag
10893971305899394779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:55 GMT
bl-0211e21-432e39ee.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 1121 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-432e39ee.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c119d2ad7cd2fb23e28e972882ea1df524336068f1d9dce11dfa25cb0c10124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:57:34 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
KJNOFQ4cor9tQ3oquej3Jr.xW9DWpvCd
x-amz-cf-pop
PRG50-C1
age
4042
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29071
x-amz-meta-git_commit
0211e21
last-modified
Wed, 16 Aug 2023 18:37:11 GMT
server
AmazonS3
etag
"ea49262f3f1d76ec09e9d58914510d14"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
82dmYXPw4V89EPjDg2fXieIEYm6niW8gB7gJaBNF60m2DU4OfsQAdg==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 1121 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IBNTqwTFU_BVM1Ky91IL9dOmBqTv-Qvb0xImusih2QSM1smabYbeqQ==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1121 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9lx5e5zP1rWj81qbNXqhymeYu6S7EsXk2Vbi3AW85So1pFvDvGhUAaCe---dp9aEFiJX8j6x8cdECRjkCLXw-u7hy14UW-4IZUS-FjkIYLh9Hb0I
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1121 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14470737961470524599&x=1&ct=76
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1121 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 1121 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
5389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 1121 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:10 GMT
l
www.google.com/ads/measurement/ Frame 1121 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp4t8_BdwxJleVeiRNEugNI4LoWPV-RTbf-gx-yc_vw-Lsdo03vpJoAd2YUSD3G63ZHvZ2
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1121 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
usync.js
eus.rubiconproject.com/ Frame 3D71 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18681
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
isyn
prebid.a-mo.net/ Frame BE5C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 16 Aug 2023 20:04:54 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
10
ixmatch.html
js-sec.indexww.com/um/ Frame 6482 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f7c4a067d8e9a0c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 20:04:55 GMT
expires
Thu, 17 Aug 2023 00:04:55 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame E4BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
usync.html
eus.rubiconproject.com/ Frame 73C6 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:55 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E374 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=146942
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 16 Aug 2023 20:04:55 GMT
expires
Fri, 18 Aug 2023 12:53:57 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/ Frame E114
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814035
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814035
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5144588525887814035
Date
Wed, 16 Aug 2023 20:04:55 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
x.bidswitch.net/ Frame E114
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a9c792d8-c433-4bda-8e77-53f3288eaba7&google_hm=YTljNzkyZDgtYzQzMy00YmRhLThlNzctNTNmMzI4OGVhYmE3
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJhTF7m1eiYHNrb0p0kWujQ&google_cver=1&ssp=sonobi&bsw_param=a9c792d8-c433-4bda-8e77-53f3288eaba7
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJhTF7m1eiYHNrb0p0kWujQ&google_cver=1&ssp=sonobi&bsw_param=a9c792d8-c433-4bda-8e77-53f3288eaba7
Protocol
H2
Server
3.65.183.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-183-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJhTF7m1eiYHNrb0p0kWujQ&google_cver=1&ssp=sonobi&bsw_param=a9c792d8-c433-4bda-8e77-53f3288eaba7
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame E114
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://creativecdn.com/cm-notify?pi=sonobi&tc=1
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
49 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
Protocol
H2
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=qxGHwekWHjE8X0nVP5t0&pi=sonobi&tc=1
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT, Wed, 16 Aug 2023 20:04:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E114 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtset
bh.contextweb.com/bh/ Frame E114
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=c245c61b-d2c7-404b-b723-97e74240e839&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=SmR0ZXkzSFdMaVJKOGRpakF0Z01Rdw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-clmxg
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 498E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU-YA87tQiZPFepOJKSmEGCesHWVrOsKSaFArOT1PmDLQlLQBOU6zjYjiSwr55TjOfjpK-evky0rxzQJwfmdisp7I-Mnc0FMHnKOO0MS09Fe5QP23bMI8Yif35v2OHv3Qb74PodllA70Cd8mqT6E8M39cbd-XhTCqrlF2H8YA_mbcxogpZ640sNZg3iRJ6q8e9MN3trbage6f461Ovyi9MwVzI3rGmaLynJ9AQEyCkN0HmvbSDE2PjKF9x5fkVDUEmPw-7leMEShUqDqfaQU1O6i4AgO1DHQhYHR-nUCqfVpr5hiyC1EFJ--tgYrLZ6C8FP9blYB9sd_qPxvXaCpc0CQ&sai=AMfl-YRiPwpK4ELPUX_6hX6JhiqSi1WinR9abfYbjz_qDFFU8vPg4XSSvbZ4EZF3r9E0ITawBzDBM9ZTWZFpQhx8UYJXXNY8DDSQ_oCHJ5sruA3R5TiGL_VG31mJEb6Dogs&sig=Cg0ArKJSzCqfpnGqCUDAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7E9A 		323 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUuHPMIOS5cH7DHVJxRKa4uZ596P5S2Q8uv8rz9eNw1JPSBZp6ZIW_vl3ccZ5Llva7gn8ZhH7KIxK7WkDdux1aHuznOOttuCRsmeseS-GkesNCBLHOX8CF9NbCW-Nml6uSeMweB0wPdDzs0ebImo_VROhk3xWGP_dSH3AKbV-uAw5I80v4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10dedceab30b8ec091e300bd2bc3245a32436f71923d3a9cfd26b2195a98d64f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
125
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 498E 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 498E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhPZkPPdIvUidSi01oSLWbkYmnfYKhkLY6gfmYe-iQu5dnt_x-t4d7yvikG_x0us0PuPBkd6AGab2Ud924qgIIXal2UpSupgYOBiglJW5DKYc1zs8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 498E 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13434467368271390512&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6303ee43-5583-4ac4-815a-83f777da7fd2
beacon-ams3.rubiconproject.com/beacon/d/ Frame 498E 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/6303ee43-5583-4ac4-815a-83f777da7fd2?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BBD16B57C5723C8B269940DDD2265CDCC7DD82335BEDA6F74EC8551DCCD2B7266D76EF6BCA79B3EB54B7AB08DC4BDF40ED51123DB5549B432002D0B74D92E9EDBDC937872C48698373AEE70BF60ED84DDFBAE73B7B8B07862B45F0B896B1985B24505603ED560B2623A991B2460795215CADA42A24D36DAC769A8906358651F33D13819934184F616D834CAE73E7306DC91A7BA28F3918BF5E8C5BBD2833F016F68B1121034E467216CC7FAADED0A25EC
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
bl-0211e21-432e39ee.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 1552 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-432e39ee.js
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c119d2ad7cd2fb23e28e972882ea1df524336068f1d9dce11dfa25cb0c10124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:57:34 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
KJNOFQ4cor9tQ3oquej3Jr.xW9DWpvCd
x-amz-cf-pop
PRG50-C1
age
4042
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29071
x-amz-meta-git_commit
0211e21
last-modified
Wed, 16 Aug 2023 18:37:11 GMT
server
AmazonS3
etag
"ea49262f3f1d76ec09e9d58914510d14"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
97kyzYUp12y7ULf8yru_KqJvncjV4BiAK3IwnA0EKdUgCRuFz-MItw==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 1552 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
v_cXxOpAJ61uG_n6H_spOLVKOMRKteQkkhWkWrLcYh3LLWqaQWCurg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1552 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AL23KzzukYd7UMX7eDoZw2Y1T4PC-Oe_v7UMS1zvSWZwqV_CoPUkQA2MpccXnjmOHCzfhFBXVI1i4t-dX3qhp21gLAh7IyKFddbdBACT165xiJFiE
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1552 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2661047666092508600&x=1&ct=76
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1552 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:55 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 1552 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
5389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 1552 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:10 GMT
l
www.google.com/ads/measurement/ Frame 1552 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTm4Riu5RD866dWAshqhQ5RicyZo0B4BSj2fHUGJmDFuLQ5-kUTYK6nQjWkAfo9HJTQURGQ
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1552 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame FB3B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3uRSYFTnjaF_RDZH9LB1C6-l-UVFN7C-CcWKrq-51IdSshFM7netYA==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FB3B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbaa6ea4be4bb91d6e7be0c5a2205a00f2c2f0ccca6012dab2804cdb66344242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7912
x-xss-protection
0
server
cafe
etag
1073425154246235361
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB3B 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 5F67 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rRcBx3UtxEF6SjQ1iVOASMJZzF2c0E3HVel7dhU0YB-_czc1Rg6IQw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5F67 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ff6d6889d853e00ad1c83a17795200a17f923e76daf2f9297032c3696329a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7898
x-xss-protection
0
server
cafe
etag
1692226126312869760
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F67 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9BE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueuyKANGb3bWlJwptV-xbx-xHUEpE4m3QhFWVFI1oX8JcAsPvWiMOdr4X7K5APPahUU-rqb2EFnKISDSS8lMIXKRVnDQrEgbcacFJFsVaodQdnxO4IufC1N77WLIMJZoIst0H_0Q65b_ZLBESbhVuLJng7wnEsvhWCew50ZIEY9KrU5vqGMrBqaXMpyOnhtHZP9z5XpJ2rMkNBRnwCCJxXdj-ViW4gQ7zcfcnMd30pFsxdAnjFSD6nYRuSGu12ZNGCUpSM2SvB0PgD-g-k2ScczwT0LlDLpb50xPyCkvpv9yo3RHiSM2UN0eNLspNpmE-vXgnEBznQPZxKFfdDpxY&sai=AMfl-YTNSfqDrxWc3-xOQmqxX_6vXepghWrsPJagjTCvTFrmDqy4RnZQp_-FKFdC-dkrgwyWCxZZkgsBsImkUqfSf-n7DEz7s3uVu3-AtlzHaGailQ9vxGmKNxMJQIH5o60&sig=Cg0ArKJSzOWrkxiz7gRNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48B5 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=273948435656&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48B5 		0
21 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=273948435656&version=m202307240101&ct=76&x=8&cor=17681578322248075000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 48B5 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbtIJqpvUPnYheF8vMnyAZNEAujtTojfFdL09xd9mBX5rW99lKwkmyN2jdSn88yLT3BHnsytQgDBBRfba2gE3kdiLkCbsY918cWw3ulu4CcJad7qg1TmXGGPIBgEfD6HMb-LnIGIncCV6x2t6HEM8l7UZPzdBdORFIoIX64fj0PtYVmi4&dbm_d=AKAmf-BKpLY2dCziwt4QkzEmxa0XDM1qTROgGOJOO3dk0OsK4JyHBQhxS7gdbyD7FAnt5RosAeudkGa7LG-vXEqRjxp-nEZLrEwuNrCAT7eZbUuepHmS03vcmLgnmI4KiGmIERn1KclhFyYZ_b5FxN9Z6BaZrBqR_vi-gCdrrkaDjIp74YzkKiv-pwuk1JZoQ4ODaWI5sYu2_MYPGeHn0EpZ9uzAtjri77Ta1iMsPIW4c-1Yy7IM_YOhEwAxWwKjFkYUuZlPU8VAmQ_pK0iP4xttKNYOJ7ZUXPx-0eaoJik0eOOV0_mu8fuqdwPeMjrTyj_FRgDGFGD1zKC2no9qSb2oTlKVzVVy2p1zhreeePiWzDQZ2g_QZLZ8ElalnNXmMsafB34EfrPYK1m25MaOeUEM1a8fAJXJlgtxZb1dHavhzGU94Zk2Q-_p1LRNV_JxQejfJxJLpYTRhPtJ2ID_e1dSiyAo5hFyF9E1290pbdqZct2I_mUKiLruEsE7yLP6Eq_xQR3h4AtuwW-K1NDmfpeV887VS1WQ2rXEsfl_F7o_i4oFLVOW_An2GTbUeYpLSminjw82fgdRfc137SNTNQcBokBrWxZAzg4I-MWRhN0IwiutHce03-ZyPaiCiHokxjTGkCQnOcHhQJnn87wihToRCp4iT2PQfj26Wt75jfkSR92ykvQRmXbG9G1cOL7DNl6HO4ZYi-aDaaK-fakWnV-v0lamJH9GiNCbYAk_G1vjdr_Sk-F9ztqwg4Qvc-DZgqXY5jZy13BTqIXDBLbpAfXmBS2jZEXG10BrHv7NWb6gY4dvwAkhSdCY5KBAg6h5R9KpARptICshueAOAsjnFQyWvj7H7gzmklTi3j_41qiiyKdaWTvc0N-kq4sSyujFWEfZRu70Cvc-lWVCucegu9Cnbkrmb1QxfxDuWBN1Xm-WA_S4gamV2FZGi5KX16ZcavdZC-K81JYP40qib4FpRJZTr1mVEDGwz-2tBS9FcZspQ7EPfCmwiF7VV4kVCQ3z1AeUpAi5qylPdsuR8LZmCZRXuKivfOZatxNGaclmrODSdxTwVPTzdkt3xl7LoExIhwEliYr9-zKESNn5atCjjY9OfWb8on-37HbdV8h33xWh1SXUjbgYGyZokaYi82shQPFIavCle7iZfM92YjlOl2iov-vh9bjW9RpQC8BqNK3VjcMW0OcG8meUBZAQElRFDKAfn9sJKJMvJ2UIXwROWA-Ei6TIGjV8pXRdYkKbn4gdhXeOoOtay3UlnfXniDNHildKL3QUiUTCQW_sF4auRhUjLs64AWCtz32rgXtfnMLxvX67-Nh8r0rqyi4wQX6sIUAJSGlwDlKulKj-9AOZ7-lFpuIdWiltXHD0ut6Raf3MZ-Bv9H9T0JU2RM0K-7B4XwcbgqnUr-ZpgtxfncQz5JX55Y7qAHdf0mJe2wbXJMvCPToja0dxa4S90KN5s2J4JBosK1y3svkEEwWWQA1ObXGnfBp9iXzCBXskMYSpfYyEOmMLJCkVCIE9Y3vJlx_Hw9dVitKNp2M4ZGNUSR2H0P9SlvHNsVWZjCIrmSxP36ACSV0egdnOZlsPPkrrFE5-f_QaBOYf_MxX0KL0jxqH2AfKxIzIUXYsj46IjBzTNdXL4Qp-gJRIwg-sCOocRqk_r56qu8lAP-9WbIM1PhXRxLpDQ8X0Pixe1wh9zejEMiOVtBmDZUzXraSRK9XIagBh3UNnHPfnIJH8DBnxEjTkgJ5t6QVByZXJGhf2PbvkIdvVlUqp0eX2X745C48KIHSbRMwY6CcrOmQ5b8gUDCJy4h8wScLvBikSgKAhr8Su9TbuaBRKa36DNWpNUBAy8oTZNFrfvhjz1utT1DHzGaRmIAO314EfaEvr43mWujrlhkMIH7aHG9xvvXwl31p00RaaHchjURN7-kyQyIKuJD3G5zhpJNo4eUkUsxcva2G8Me4qk5hQhMeZwP6F29gfMeQYCpK7TE-jTkpzXMl2YBN7NYYYDD7ovuzx-4p-aZKo632ug98_ttasxCrlnPtmMObNvg9qchfZyEzTX83E0FyWSNHyyGRHixLkFyhT8HmdSD5l3Njc2Fo6-VkRMMlpJfQM110J-rlVbdH7yuES4NgQ0UHKtBDCnPP3AevA_5SdlWPP2uz1IQbrF_mHoXMzvWgmOqisE6SOxetKGtlCZjjWsrfmbYlWHZ_Y-xbaf-CzZeW6Lj6Jt5f-DP6cIU19KDE09QdB6sdETtC9DMWcrTXo5eSsQzpZnZ5Q5GeU-ataHPsmx4frSGQvqSLD2yo9xQ3vU8pyGP6DvExnEqkXNRHuSWuSQUkrl2cC99dpnzt113OM5kU57tX5WI08N46seXgQeiP7hO6V3z2ezkvusNxN0TwwJlX2usz_xF4h2jA995aeZddPTaxxgUpm-J0L1uaseiftpH8klPucbf7MfmmrbX1rlVujsq-J3bdJ5mbH1sxONdO7dG1-M5TEeuzw_ieGWhO9isEAuXrBRC24W8XEL225vBZE70xXDe7EI-T8TXYf3Z-S-qDA0k1sCunDOjdYVnOjFXJqRuDCcun7QdMIOYmTK_RQpIU8uNN2aT5KuTmRZLNootJNU2bws6V3KUIkfun0M_Sg30dPXvp2V-WEjbzrhD_MslwWAlAEcDgZJFlXipdKhRiWc1-ip8A-LhYpY3tSzBWEse2qtzLVARL--d3Mw1DfMmueTmcZBh33Y0OzLiUru-TI-rIGt1QAS5aVMlW8o-nnptK4qaGFCqo8ozpOvVOaLwdwh_ZGOkUVbvl12IPJdHMQmZkX5SP1XoTYwcYfzgpgz0A3YQMpcA6FEq6EUqb5ZqzO1FqznBGIFcYSkkzFeRmsZEge9m4O-x_fCo4EpSUPZMm6RLM2wCVCFI5b9CFxX2oDHO7jqtA6BQAOS-VzsN25aTCXKvFU2F6LzgYDU5Djcthwo1y_Hfhv3EFCLKRCs4lQSIW9i1dmO1JQZ-FzRjkxc92XJLggP5gDvZYm0kzl8lrJ-g56d-StIemk5m0Go9dOi8Sj-zd7H3JurWljAwPA3uiJJhPEvDQn4REyUiUkkFC7kqrUV5jNnfk_YqmS6xA-dCIS1AZyUG4_Liv7wobjna5nSWuLw2vuCqZuZfzu2J8sMt4V7YnUs1NayWe0Y9E-pU0CXuwdP7yIksWQIyVShdbBSjiYViru6V75QnLR8Q6gc72m9zki1NhFgYRj37ue1xy8PKRZ3BppXgLhskhV-7jJtT3M8qHUK4JiPB4IoI7KCMHTye0Xq2UT-nY8yvRuCBPhbUwlghEKLY6guSZbY0ovnaogNEbNc4MdhdGDzi0tw9ziLdbUNkrHKpQhV0WXVyU5dYpqCrKMX4ffpcCPd1RdBDS_kx9wUj-M0NLLN8BavcFhl4LpqInrzL8xN5U1-uYNAFiK6yvJrlUzagajs5TixmR_xD982LtfaAJ8ULXIqmfWgEY5SmPYCjc9f2TlYFIqB1qNLnDiNaoAsQ4LuHUXd8iA3NFVNL1z1WGAHGcpiPKDDaUf7NQN2yCBbl4dbVk-Idx12J18UqU3mOds_Jf-S68C9ax8VRS6cApB9kbKBEZKaPDLReeSCN-9H6o1U8zLCrMLQYyC8dlMO6ZtcRF-mG8RxjEZOfFQxh0JM4ALUA-4aEQPf0hh0hMtx-R9VWJLMr1z1mF4Egrgf07cf2Ctk8PNmAYZOjXt35Gkesf4&pr=8%3ACC217B09F7FE049F&cid=CAQSMgBpAlJW2cM4iuJkd91Gyjixtk-XTmPJSy9c3ZhMgDs5mFdONXGJwKWdkoGbT1nw5P8DGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=17681578322248075000&adk=1213688860&idt=87&cac=0&dtd=3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5aebb37c35fe2999e12f8f301df7cea69160f7f1bea033f1b07524f35d633f5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41198
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9ABB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDQWndYGJSTTOMwthxC7qRpLeOOXwDm4wBpMyZOlF62xbY0UgRIDn_d_o4HDsHQBs6zFaCx9TUhVuhBWBkOT3WWuOZ_jcKpmHnlLym5YF15a1mPtGt3arGDKG-tGdSvzidgAGNJ6Wt1rCia6fPc4tDk9CPCF6wMqUiQyaOy0dvyNoMUnjL17Ch0Jw7625Wsa_BlMjAF7qb9zYQUzaPOLfXFUvkLidHE6XRFRahc91Rw5OH-IRBphGRQy61ltKqqZ2o-XUbkFU6YSTNXmCZSUievNPt3Sh5-xSjSfZWHb3jiyT73cCTI1bHJAGg9RkZX15VDDRENEnNckohtFdNEKw&sai=AMfl-YQMoRgzcAEuB3T4JvEAydbZL74DosJU8TaJgxuXjl2eXms6eYAKIZOdsQQ2qobP-aJSPmkYpQ-96bv9zwvy584Fjbmyxhz1dtQ0JM06_byYgPkJ5zArxmZGnZC8deE&sig=Cg0ArKJSzBArv8pHO_rdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 5C1B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
p4cnmnVg0YKW8ieHrJkWhIq4KP7SWQsJn0Z24qcQg21tiuPMXyNyCw==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5C1B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
393da595831b4f936f42c86429760cf6b5d9442ae00628d3450ad16c47c70cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7919
x-xss-protection
0
server
cafe
etag
14884847635468568957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5C1B 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame BD2B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2574856887859&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2574856887859&version=m202307240101&ct=77&x=8&cor=6921150182352372000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AE12 		18 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNtyeSKC59MxuTLfouStIfW_qulVuiKYL5QK0WL-51y9eW1Q2FUU5B6S_WyMjhTbH-yhwd1vfO9b_HbrHp8_pi6rs4_su4oaGS_lG5KMPx2OxtrRHAkMtFxyJFf2FTUGpsWbxvr0K8krYgtHmZNh3S5qlmAF9k5Z9ympslbtLlBfqZwHs&cry=1&dbm_d=AKAmf-Dmm4AyQgv1xIQoNh88v-RPk8L3llfIbAsZco9oRJun4PzGugZdhI_zSCzZZ-eVJG_VXbfxoJMt3a2yPx_hklUCkBdJr4XJliSAF0B9Px-tVlGDmSjV0wcx34qtDjiu7P-TxKXa6A57MkkYA6TkorQ2zC3TBv3_vPl_XPbHz67H2VHEP0N7Eo2Y-mRlLXwSIEsnMBkpqmZNpHxT182fiCVljUaSiSOWvVa3I1RPnmT6zrqSykAwq93MB2PafqAyfjQItTFwVYNlTu0hW2ci8i1b47Na_thmBxQC8HvDfFKhNJBGK1Zw0r2coTnPwZGNfg8tn3xkkRHEuse8YVvdtisNQE6sjnAeMBBRDMakYqTq4mwFLP7PnNk1wjehRSESyGFv1NvQq-UgCRi_RUup2-BnyMmjrQk99H5uBfDTTHJSPAVIHc-Egl8HID-uF5e5CM4TC7RTBcvJl7neZLFExydHfqVgl2otj089OosxWsWDNPZjqGCGUxN_XD9WQ-O-DjBvVgDi8i5gZ6ikCBwv0V9FLdYSRO5fs8QS6Obm3uozqjvOox9FkgadRuIp848gJ2UUK9Bk937yEj2sdwsFR6q98Bs8ClzCrvmQaDga-Aqsg_dC5i_jSFIoVL-ify1-siX1ypK1kQENgyyO0jKS01FlY6zGPC76NAhmhnNdIodCXrTPl2PCmk3FelcG2ShskITfcYHJpsGuin-oxUUjYTPGcrEIyJ_aqqV7VOWPs7XRbvehNkKaQ8RZJvnjPFG71NvKTqOJuIb9Wi9uwfbTT33hmSGqqpqFIaUCe9sJmPLGw_cF10E352q-QPRRkM-gEPmdiOIrBaWDvcOkmDhjylyvyztFjMkBcVf8cXkWR1hpDBk6EnN5qb5Gs1X9wEv70Tn0cGFWu4rVVLeRRjgZAxj_zntz9PFPdEHAMSEmJvdYwk1DSaByxEvARWX8UFmrV5LT-0fsSu9RO2ee6xUPfT9G8k8pzMALMOs7I00-PUj1zTjaYVU4Q0zXt2wsNL3mw_0N9PzYmqVOYppgAktWiO7DWDu01Pj0FqM-U0KsEHDfZZHv4nIMtrditLMrDGeXwMAl016N9sB6iCTsLVnrlnJW5T_4z6d7K5wqsgnETgWHgWUaMlVhLQHWfyU8SKzaQJkbyewDLzJAJjCB4y3VUnWUtU8NDgZcs3jGyO_szIeM6K6XU5JT3EZzEVLvCd6VxnpftPWg3G0rCMlOh6pEy1D_oNkPBKCcUsFJZHIf1jZZpcF6ZwMC6YvD1lSOCIZZMTUwcg4Sx0FzF8NpkW58CrhwiGOmbqizPm7xBWde67OMNDyiQ1kChEtocrkMk4rJb1CLv4bWPcgUYZmmdg6v5QUTQ6we0W_JyV8deMBae5WA3A3IEuiLVzDHLvEloFIGTVZ1VhU00Y42Gdj6BOkPTb8CQLy_V1m7rjbdg52PAo0IIT852fXv4HNjBb0pRloDHuiPWF-OLBhUijV65hsgHofjN9U9CPIyMQeUyRXTHoWr6p32L2QiaO8mbCVDN3_uXnklSKDgA-fHu5oBzoQP_-V2R7-ZO7-Wo-t1tUGRnayzuSz7WIflAueiU-crQajWe3Ie-kqc-ebxhJvJzHDqDFtZEm9eVgec-teUhVNxCcrwuJujDyg-EECpS5j4qKfjiyjzsBuHkmTiO9h7Tr_2iGQkr8i98o2xrsFypJy541HRrMhOtlXjADa0uwKCCOWt7iTt7UV3eUbsj6I6PK4BVjcSPyCSGb6BbBtJbXp3nbnrQOdq5TvKgcB0exqOFNgRybrk6XdMGfciZxoY_gfiMbBQ_AIT2siEhUA-mp20Krh7loMCY0sYmDuOkZ4HAet1vHHHfAPObphS7v6mDN24o0LrjfwOK_O8wfCXWzcawIp9htFGUZZqTUNF-DwCsSyuspXgUqDP8PODjmo-ueW8YjCXTh7r9Z1FFNGtdq9I7_XMMqDoXrA11yNtNuN3ZCEUHeen4Ci1pX12S_fPVXDFRB76xoMI4sVNQWgylZnUxvZL88xpNFif2G1HVuohg4wNCJlMlHLmLJ8YF1y9cLcMz9s11USCB4qEWd6oSLIGCGuz5_tcNlHvm4bE7JW9Z9TwHjUj4psLv9bXzDUbXbktmff-l506EpPSJ_1gxH8InMOfP_KmSjPL5WphVCFqbTPy-NUK17HZ81BB45Q8yYHQqeSC4dwLpWbyYy27IYybKhktahnlimqzoBSUG19PWglfy5isyNMu0Obu4UP7f3r5tEhFZACrU_OIPlw1unMPCxHkLKHX9JSK8SHAOimg19HJHuDwv9HzLyDZ72Y2zNPs5LKtOeDvoMkTparG3S3opXKDp5gjsYxLiPa8qkUnWLUUqLGOI50w02b2h13DXE3eqwJ2kOg--kUlVBQeBGSGKWhTjeEkiABdEvvhYaOjCmnqzoZqm0Hl0ZgNo77eT75IHE1wLk5xdB5Rpqh_AyUE3nu5WdAcmWHW8M9QkL4uMosMDLSs3Sy33oQqiCK2-wveBdXbmvzPcSy7HGc-xXyjBPLvSKwIOBdGO74GBoPiLnaTy2dfpUD3wJK1Ykj6EFCfbkZ9jWM6Lz7KGnKouJ_5iWGn_ocuPcCw7Hhx_iSOsjI6VSViJHxzAL34amiWc6nGQZOgjnAQzCV02OEB6ewbcDRb3EH2cGleZW4MC_wi5lcw2INE5On_TnKJ-SEqBDlvC1IAZFMZbV_fyAIajmcrYbre2zdkcUtXkZUvNy1R4dg4gofrJEZL5uQ0ajEt9z8uxh79bWWae2OaLVVafD3kX0o8Si7s3IjfZ045oSLWSmtdp9YYAPQvriGThl4jWrI7XWQqKspA5phAKD8BQWyxX3x3kVaC-whLbDidC7DschNsEiaGh_F3frfSzUL2iEu3SWPL86RUGAe2bhqEOCONJY2uT9G4OgT63JXAic-Z_XtUmxZur2hEhkoXENHOa_YKEFDcrk0DfEyAlEoU_86EAEM33qFnR1crE96IcZZVs7ZlOlhSVfPMSOrUVm0Mmq9hjfgKfbDm4N6Y543MtcU0MDoAnf9EUFVgIVTNVEbGJKk3_wAqxPR6s6jMqw6poZ3hTU5ymTSyOFB7Xe3ST5foYR0OESNQMe3QCCkno3CyAvXG_7uVr0Mg_22XGHX-gOYfgU9PpKkgiuiiBilDAU6dmqxKOGLcsX8yN2yuL2NftAbrFpuurSVE6l7UKLQHMWhJFnDj3mj4eayHF39V_WqaiMVAKW443ENql0bIlqHgDa8-sT3NRkhLEFSp4ny4aXLMtY0TVRcius-8dy7ECp8iiZ3UxZxuOpwgSEJ01-R_0AS59KwG49MGN1QbTK8XZYaik_SImao7LMPdyou9-zmjUuuL_B5ZzSo1l6rPjf8HLPnnAAt59ZZ_hxG0pD3PZvtUICRiIVa71LKVPDEwbObER3RDwVV-pJyEt8s1uhZMDoyKY52s2vZDE9IRby4nxlJFfKVIYRg37p3nBugVHSSd-ni5CMuLWfNJoKdKENmHTsgpAEovhvW_VKrKWblk1pCBaviKv12FYQIVo8yUxRdooY3YT8Q6SS9Gc4pmFNn2VY4MC8J7r8ka&pr=8%3AEF3A5FF3B8141E02&cid=CAQSMgBpAlJWyopr83fjus9qhaN2ejge9QTxBybjKRyHa7O-ZzHW8SyZjuVFqPk0RWZsGZW_GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=6921150182352372000&adk=901424819&idt=114&cac=0&dtd=3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d76a3ea01208d44c87c5f03366d6524b3b3b7180061a3e0cb83f13c11c770a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12988
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 1642 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gfIPcKx-PW4t7SHyzipX4t
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eea3fefaaaa81697bfe96a579348d81629cb6c8c8c600862aeb052794b1a9b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1642 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 04:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 1642 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 1642 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1642 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame 57AB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 1642 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5SldJU1Q2S0RnZJ9U3I8isRNlPPQ_Uo84m-b65OqqsP1KZ-Hcamrt1Hda_WtanXWAgGkWZdzI51TxurdEbXlAczmFdxarZ16ocHSV7qhNct1-YcPBQZV0gtfeFXgnWk0pBDBWWzFmmHcZg6PANcT5bnfvJIfFGHcDgKafzVJSHrIE5fdeRJYfQCUXdLAwzWjuk8UrDm8Pom2vARgZOYb4M-xOAHw28BhQBnbhOt17IMpYtHO1pegyvk5bLSyZU1qV1suWxE_77pGZvj-5BWkROoNuL83E1m4-dYugljHx5VouJEEiPjP3Q87bSB87BGoiHpK_duCJ0jG4cDJNgBt8JdKJ&sai=AMfl-YSSh4S4x4pwKxbNIpU5PcvQa-6wJjySjr1_UDfHyYYMSykfvpGP0T70DEkHCPM1tEgHp0tghkiIeP3mrlRCyd7cNGLWq-0XyN9krBWZMYXvu0bDoHjomTuGbG1PECo&sig=Cg0ArKJSzBSV3quAusygEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:56 GMT
truncated
/ Frame 1642 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee35e3522ba4d0f0972024c9d624ac5a109803674f04c5ccb86df935174ff127

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 705F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4358559514095&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 705F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4358559514095&version=m202307240101&ct=76&x=8&cor=1936102112851512800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 705F 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKwIjZQMvCquQULfzHgAfoiiN891kOOv2GZ1JtI7CC324X9VGVIJRssuOmE8Ict6hgJWIWjyMwONb6D3_dfrNy4PzxKtlyvR3ng9L85rTtSU9-y_jOYKL4UHic4YJIzpQBFmbzolmetB9IBDasKw6yX-HReTrbvytZsRnnBfDu4XW6MD4&dbm_d=AKAmf-DtbSyrjrwZA0JsafIAXdh-dZe6Atjvsb3xFG5lkBTA2qqMBMUgASvC1_7cv74VorhXF26Tr3nKtCR6n8efZPnhqQLQrNIxO7V4qwMSl3nLeriZL9zvSVUmX8m603L1tiLOoYBzRpfsJXlHssColm1tKpOFM6_muR26UUJ161dnRiJ7F7GYu1rSXWmVbzQ6bCBYjurRMjsqgaKVBfNBrDZ9rvn_iZ6WE6Us0U2pUsd8JZcfzN7UnKo-PMJs0JK--7-heQs-rcf4Pv9OfmnHUxd874tXS7XIyzkl36UkWrDY6dthWqE_O_ncDFNXaSjBHYBfz-uHWjo_EERZOzY1uCdEPVSeTKr6GMOairvWpLfw3mkT85lu5msWYQKZ6nWcSw6dw3bJLGXM6tcOcjrXqaWyjkjUCsR8Pr25DlEc3kFEsCte7YyHWSLs8Y4Updr2FYh4sIRieyMUKiyFoLJ_PxQklq_K0A5mxqPa_lZ3DtLs5wyGy-DCeGaGpO_E8ne8EIiFwX4W_kZAurN1xahQoSg9kgY_STtSj2mn-Al0HGekp7Voj_s1XytBfNPRUTjlWouSFIMBWGV_oeoMYvowmDsGSFlBVmfBi6adPTCheI7suR4QqKyGOuRB3u06-m1uMv1pIcvrcvm0jtgHbnNKOEgmwE8lgLasggC08WaVN9rQM-13COnWEu3gfF_jcp8UgFHDFnwyHu__ENYfMzid9DYGtgU6Wf3NHGJ6GC6FqdonHN17mpLHJi93VRkQkgklV-nEY_rNvhZAHaiYphGTXDqlD8kje3o6_2AMlSjhjRs4qrD3eoiMuc4zU0WpAefuKR2jHrDnbKsiGOul9h_HQtuz3r8COtIdI-EXf5jK5gspQK5KTh13Fb_Jul5dSzmWtn3RdAkKYF2BzlsIq3ciVEMEnKs10IdXMZSzs1bpPwiB9yutmIVVy68LhuTDg91SU5qJNjs2gUNb-r8iSEf6TB0zOxsFNbXREc32uqvW5KVCtHU9sWypnyHZoEUzf3fgVw9H1q0zCtg44BQ6nYHuUvB61i7oinfZ_VddVvlgcnU-FuJFgy3H-pVBhKjCHM2sFxpJcd-SbY7cOVNIMmI_wS_I6fTc2bIFjq-V5hSOU2PgiRcwXK3mjk1ZFCAz0UDjGFUzmyOeR4QuOiZ36BH6Y824EN2ecl9_4nxLR2FbaNfF5sHzy-6Yes4u3Z9XuHU4waZbLhBbexNJ1E0Ag9twbOURqgsttuzBTmyIOnhZPl_yt9k-r--Y7Ex7RNzpVctDfeoPDkAO07NI2XqiuvB7GoYv-Hc8BhAAUai1znwq1xY399VpFA-plwSEq4I54i8OJdGkLoBZ3z99C9X7mfCTo9sq59ACcEm1TR8b-IZFrCsTs0XqsHs5ScZiD7WMd65vDec7oYDc5Lra9bNCu9Ar_4RnxvuSWLxl9RpEpWX0nIBicMmJTNRFOFllZft40KkH1YwN8NahsKosr0GMsLDZ_1d2dVN-QqhEbigdMrxUkuLqfGNOqgwrPaxC6DHuCWQu_XHNUQxAEpzC1LHCyqS6dyhh4m9obYbs4R49wVvjN3Z5Ad4PDpBTfs5PNolDRA7BPVAqPGl8WzFFA3494F9tetVzv9MM8UaEGr5g9c7a6N1rNFrb0V6Mz9rUzaZGsR8clOWSJ7Jxy2WNEQGYr4bqaeLPRwBRYJ66RH6hV3hzdiL-Kjlf2-TJdXggfCPS3iHVlE5HttwgEQCIFiGyGVsDIlq8c61CZagHhq0p4iR8zSoqTFD6nw1XhCXA7bo6UhNIXPrgSkehbhrZQM546FR1MwPNvre1kzMBAJmQH1bcJCj3987AYl3C-YOlkx8_1VP7eIlhrXioNbIETwA5MLnweklWQ0-uPseByPbP4QGOZacaQmXCtVbp8vekZ2XUZjEoNIu9Mqf-Dt46-71XgRoQ7RaevFPCI2TkMaLUTrHebjojwjzYyX4UM078XmvklQGWDeORu1u-lYB93A6x7HP9wtqs5wsdNysUMsIlFecINjyEANqG__V9YV6V1Ajo1ctHJSw05h6giAMfzaxcRj_SXAnzfV8ThNDjyM0axwkqrJAKs_Gy3V2ZtkUbPdEIrJDwCErTxJlUcyb39j1AUDDWP2iov9z1C4HvAR8L5LGzLz12popzHLi1AtueANEii7JNHV3_8kF9wQs8f8fX_uxXjaVbEgh2qGGdrYmoz-RKZQk6WGDGV_Xuj529Sm28v6sekOZvISjUDCtxyY3En-Y9XdhxSda1Y2XxaB0UXBijtVkpb3_2930G78zC1B_Q-V89SFnFrhN9WEdKs73AMUYjfxNJFXzcPszv4ZmIkIsjj9S5e1vKBiHd8GT7bYMaZ7eH-7BxQeMDsGgULLTPO8c5r6ktwTe76K0rbx3a8njpXlNU89rxWQSeN_TGe_t_yxV_ZJRRxreYeLsHefHY35dnKcpAXqX8VJQOt1aKmhlcAkQPuol3NSmvfnbXMKBsa6hW6AZNViwDeN6Pke80yqJ52awNzRQiWe0cOdTARUlG6giL3FbCMvbLENctAwIvOnNZC5EeBQKGo6Od6_ubtPuhFwgwsvNHgsdTn6Dx-X9vDRE5KZ4feyRfzk4qsn-zx7fWqHyG8Oj6v9XNcNvi6n3DZ0LkT21KgLP2Q7lR7LEfkVLsy_5Th0ahHLeOlPhl8YzMMzxMSX5mUWnNPkhII1MvwDveQi3GaLi_K_XvsKwNWVZCmXHqg-Mywv35JH-RA2FCXmAC9J_KfHwC95ZqmJWlWkT8xSNSwekz9pOWXbL7NIYBOcN-IbDBIL0WsP1VbocU2wPJgY603uMDyAhDKJdnhIVwJVJ-WXj78IqOVtpMnAAm8dtSsNG5x-YyPjfiCYLx_t0akj6X-PSUtAuf6asbhcGK-Yzl6X9ybsuV13PJaI36oYGnZ__mqY5cVS7d9OTpaJs23eiK4s_OapQXRvV7wNrpbk9gw8QekRmX0iXBYqQRU5EFMwvzcQmmZwO_DJ2Et98RlUtHq5TXajbZhMBGc8wcZ7dY31HYN_h5W9NeDGB8rcKAHfEmkm3yELEJq4zuWCFmhHgtbEk3OA0B4rnEe2ejwghw71R5ValpxaqYS88T17pd-IjDEXHSr6qVb8Ntwt4_5XcmCQELyZrw5dGHs8ksKVPpibzVT4B30uxJQKs-1PYCA08vmNcUK9C5QFCs9PVw7J-g7Roaibar8XQEFXSJ_Ctv90iKqZrJKThjSHYlBwCs9GNbV51y1TVCbHXR9ToXx2vR5KMYvOULTSrcJbjddqDLZ7GuaHpJzEd-VfzP4MNn2bO22zDyTBhIqI2mP8x2cMwvftBuHyUFH2vTR10SIKpIwz8qhL9x_8FO7ANgH_EBsX8YYWBOgyU94a85U4dY7XfLaMPN3x0T4Dha5-ko25sGn2ZW20OWPeA5D7RWtlOTfbgGllIGzL5HfynnzH_89no7ZvjE3dQ4-x3rCbEhQEjzcebePr22_6wjozxw1Zgj66DOhad6MN363pILmm4UvO1lV4HIfmlgFG1-HlxKw4j54Fai3rMH3MzEoFc9freDUcFsn_VivK8JmiY1nFVOvK2cDBt1X6nX09puFWrVD7cDDom1OLMh5yE3BW7gyuldMhXkZcF2mml8cKa7pZi7q49xK_W-ZTd5LKs9BuKxkaget4Xfq5w-tgjfQ95dPxoEWpRcywM8mkxmX9sRPmkOwe7I&pr=8%3AF7FCD69435F0D2E5&cid=CAQSMgBpAlJWOOeogjEx44l9nZZ-FEoIJMu03bszt0Sh0RJmVCCLsybj6DdDj37hx-FS8y04GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=1936102112851512800&adk=1633923300&idt=132&cac=0&dtd=7
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a8d795f2ec87773b50b3d0244991a98dc45eeb8b5d61ae1a7bedcc1d198c43e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3BD6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18680
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
usync.js
eus.rubiconproject.com/ Frame 73C6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18680
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 9576 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0goU1q4rHIK8sc68xC6UvEh
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d786aabd8b0de915068e50a6b071a6d0416b6e9b688f96d21be4bf4771963e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9576 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 04:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 9576 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 9576 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9576 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame CD7E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 9576 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5K5pH65oj4dCueC7tagRdnSBmm03WWgPi2efmByxGA1H0_zbtaxwFPtJAOVDywf0-6_rUrhCkU9_dc8WVbuJbdcs7i0bNE_XDcN7jRdZZkRfaASDDl_GtrwcQ7aOv3hZyFoywLIcdAv-1s04JlAvL_x_HXlSCYghWO7e02pjB_u2WlKtOwDNmWNhjtqsckr4KXWdnJkEUeCzCnGzKJuv-4HaxrrEHRRX9obiR_5-zuaXqNUyyj349CDnIOl2_Kfc__8EguAzjeAr6AShJt5Ss8yJMfuKsYtb87DPwYTUU6KrjDQlf1MgWRNmW6SCQsmtcLK6i-jHl1B7VMiYDDowjm25c&sai=AMfl-YRzeAUin90EsfkR4zcJbehjZpMvgPaYPRCxF2mzzncVavfVmEJJDTMa5zQ8dJiSJ87AodB7n1sMF3gwvy0vvElzuv4XXqqGy1Nany8zfZHhHVEANOdjYcn5FcGiZJ0&sig=Cg0ArKJSzPdddP4ci3-iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:56 GMT
truncated
/ Frame 9576 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aece5718957df383a0a6f0ac0c11089a2d9cda6c123adf4e9939d4f3c15c50ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
demconf.jpg
dpm.demdex.net/ Frame 7E9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGtzWhLuzJauW3QSQkMNrnM&google_cver=1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEGtzWhLuzJauW3QSQkMNrnM&google_cver=1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEGtzWhLuzJauW3QSQkMNrnM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUuHPMIOS5cH7DHVJxRKa4uZ596P5S2Q8uv8rz9eNw1JPSBZp6ZIW_vl3ccZ5Llva7gn8ZhH7KIxK7WkDdux1aHuznOOttuCRsmeseS-GkesNCBLHOX8CF9NbCW-Nml6uSeMweB0wPdDzs0ebImo_VROhk3xWGP_dSH3AKbV-uAw5I80v4
Protocol
HTTP/1.1
Server
52.209.112.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-112-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0fc891792.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
DBP3EoE6RyM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-0c77e4b94.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
kB3SmmJURHA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEGtzWhLuzJauW3QSQkMNrnM&google_cver=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
xuid
eb2.3lift.com/ Frame 7E9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEES0AO0db-cab3KWnoplIVk&dongle=c627&google_cver=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEES0AO0db-cab3KWnoplIVk&dongle=c627&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUuHPMIOS5cH7DHVJxRKa4uZ596P5S2Q8uv8rz9eNw1JPSBZp6ZIW_vl3ccZ5Llva7gn8ZhH7KIxK7WkDdux1aHuznOOttuCRsmeseS-GkesNCBLHOX8CF9NbCW-Nml6uSeMweB0wPdDzs0ebImo_VROhk3xWGP_dSH3AKbV-uAw5I80v4
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEES0AO0db-cab3KWnoplIVk&dongle=c627&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E9A
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1
  • https://eb2.3lift.com/sync/google/demand?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI3NDkyMjcyNjA1MTI2NzA0Njk0Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI3NDkyMjcyNjA1MTI2NzA0Njk0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUuHPMIOS5cH7DHVJxRKa4uZ596P5S2Q8uv8rz9eNw1JPSBZp6ZIW_vl3ccZ5Llva7gn8ZhH7KIxK7WkDdux1aHuznOOttuCRsmeseS-GkesNCBLHOX8CF9NbCW-Nml6uSeMweB0wPdDzs0ebImo_VROhk3xWGP_dSH3AKbV-uAw5I80v4
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDI3NDkyMjcyNjA1MTI2NzA0Njk0Mg%3D%3D
date
Wed, 16 Aug 2023 20:04:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame 23EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBKI3rcVz1Fe8t6sBipvtP05vPbt9WUzLgz_vbX-IRqhvIF1X8CBLo5YhDBCNex2TcTXpfRUriw8YXMF3ySRr1OQ_l4jzmfUPJxvzi5rioeFAnpx4DVGyXkEF55hWonT0SpnkvU6Sp7hulWpDDdid38L7EevaP4_0TFUOtEeghRqLGjrimXryBBlfA62-MS58-ngtIehXs6k296Il_U5bWzdmKHrHh0NmFG75h9jZV9iU5pC-D1UpAWv8a7kG6aEi7al8W-3fM5XVZ8MphdPK8LHFGtqpzogTN1T6RwDwt71yKvOYfrLnVd7TXVOPa4gVOS8EN1QeJLhqKIlGHksw&sai=AMfl-YSfIXAjfg4ae8ELFbowXrzjEm_6elu2TbB5oMq3GnOaOT1lSSih2IPS6UZHdoci1zSEPHOL7pbD4xcuAyrpiGb5WLLj5Ar67Z4h6SPt-J6jz-FKTPm-pkTDYj27L1E&sig=Cg0ArKJSzCDokAJvYivyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9173 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=1839285118876494&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame D7F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMqJO8C10Z4-96DfopHb5QJnfQdX6NU3SYSe024iFfPxdAlYmMYJOlEdEgstbTPDDV8QSkS6oEcM9LjULyiF13bwRSLnwXGxzFDw5wjSA7p9PTt0rxNTWWhRoiFveEEuWsaD04sgmWtq_EoFyGgoxJb3nVFpjcGjz8hWwoRqHobuJ07doTTvicyvmvvLMtI06-Dz_nYLB8J7tkfqHIKB8l0W1pWvCGSHmfq_n0rSx5RvZTmO-7LDMQhWfIXjDRhbtwpNiFq3DEkDvWeScdvNqREkeGuDlD5PADOIeHOvA52m2SY43F3a1Qe9U-ayK-ci8I-7yuQlh6gejTcqJ0IOHm&sai=AMfl-YQ-KYeK0X36FN_Q32yXHVynLAIBZYDrKzX7Lda1AhVD9cjMnMa7YUu5SeBrUna8jSepnCTaP3a0nrHsQOIg8NUzWHdB3F1wRIlTC4VYkd33jhEWiot_nPGkUATmzSQ&sig=Cg0ArKJSzB3T81EClI-jEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 85B1 		408 B
183 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNX56YtiBwxySGn5uHC5mr73kAS0vmLlmjf9kpxG12rbmd49t8nHyNhCLIf7npOyTDJFJ-kQmBxe0vt8sAczQRM_GlSO8PJ0xsnw_jBJLJnM7ydiCaLuESkQ6mVQoHNT6EX2slQZgUkQDS4Ozh8wYKwjMVSyBhXkVBPbULqTa80TscbPe2A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9470137342ec088b7c020fe717274cc62469b3da3043ee7811f97fb63b474b86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
163
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D7F7 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7F7 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-As_GQHwxGmCDM9PPYPerKi5vT9jfe-7YssGNg-tnznt708TZU6YgLvFD2Rfyot1alENmGwyaoId7FQUcuCHJKffzTTDzVgAktObWwBouLjEeZb4W8
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7F7 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5185918031109850496&x=8&ct=77
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
17598d53-41ae-4c61-bd0a-27f7d868962d
beacon-ams3.rubiconproject.com/beacon/d/ Frame D7F7 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/17598d53-41ae-4c61-bd0a-27f7d868962d?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BA9462E5AE78C5A93FFCFB78F5A9B811093200B43E8F40712FF4397CC09FEE7D29233CF5AE505C112B8B520C6696685698FF0500803D91996610EA5030D539609AF386182E885AEF748AF852EAB36676725953EC829BADFA310E1920A884B98F1E089F4E55A029C1FC9664FD73B255D17B409AE1CEF9E32502605645952F60178F9DF03362AEF6FAEBD061102CD527301CAC472B8CFC6A191BB13B26067E46A20BAA3ECCCA48C8FDE59C11CA42A1595B9E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:55 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A07D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPfDYChDg-jEQ8vkIJgSOxTi_dfLfvS7IyyssoIA_fj4MhQnB-AmzK2f1hv7f_WQonTJZ5OnyhXlyKR4RZu_wd9855LXO5UTOtnEZLr4mq6Mqn690W&sig=Cg0ArKJSzHMiYgppYYPGEAE&id=lidar2&mcvt=1674&p=1110,67,1200,795&mtos=1674,1674,1674,1674,1674&tos=1674,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292199&rpt=2879&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B97E 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61809799&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
79461871736c98437862e0117c2f5557b99def062763a8b8f20cf46e8d476c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 20:04:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 7E3D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d841d1f3aed4e0a519eefbef28fa8c228943a3ed2297c2d8f32b7ef721751b10

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f7c4a0fcd962c72-FRA
content-encoding
br
content-type
text/html
date
Wed, 16 Aug 2023 20:04:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61XZSHIBuH4uwr7wE62ZW4nQU9VI%2BZGHgQD2Jlm%2BBp8THD0l%2BhTdgfocc%2FkytSrHE2RM2D%2BzEZlgww7K9Tk9gXdlU326cwAamhHpN4HVAw1Y4pAFoijKXghwYny0qHWlslXC3z9u4eiCSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 10F2 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0isjWOSQSh-MXTSHnI4oFqC
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3b4c3ea8b8b45f3bb46cb16b0777895cd73fddae3011ab06a39d55f3574c30d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:56 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 10F2 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 04:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 10F2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 10F2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 10F2 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame EB1B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 10F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm5XlhEY5ERbjd1Sewjl0Z03SGxVxh1i70NfJd8hhQzcFNGTqyWYUxfZQIe1n866qBG60SeuRaPtdbpQT1F-_ldBESfnEwvI4yzYpDaVI2N879p7IDFmfZQwPEdTnGj70dVKz0yxRCTuptUna0cHg5KSPJbYEVkaUvG3NXyIW_ZFwLgJyYJwXrjjjsHNcE5fvNfWdDI6m-VMFUMxQKKnwdlZHWCadRXCs_TZ5P30ZXZfXhm3HyKsH59LAiqZXD3nfsLnAcHRjckZ4f2CRvRtdzbDcr5FJxEKHf3OEzzAZ69naebB6t1DF4MuHEnhxICbWIH4E1FyNYjv1iY9FqTLTLQm8&sai=AMfl-YScEKjrM230sESAG1LqW-PKCJpaP4Zi_ZjM8O4fWMo3T2Hi1YwtCrEPeDRCE9qCgTqyCAglKidX337zw3LVTL4Q45F7a6a-fX2dfr0LlDLbvXKqTa9fB1wJWo9RHYc&sig=Cg0ArKJSzLCJ_X01ApSKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:56 GMT
truncated
/ Frame 10F2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b316ddfeca374280201d7d02a0cb1f73d0048f586a47717bb1508a01f4acd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
usermatch
ssum-sec.casalemedia.com/ Frame 9989 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5907a1d7c1e745029cad722cb76cabd7ad00226385a1be43322e4fb125c3f83f

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f7c4a104ac137d7-FRA
content-encoding
br
content-type
text/html
date
Wed, 16 Aug 2023 20:04:57 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GASe5zUfphJ%2BpgHRYFgqhY1R88wUK0MvJnEcubXb104edVN4B96%2BDXUJy19V6%2F1fnsRpoz94sbYYHVg3gRcBJvINgoo5w%2BnFBt63700YiFRQP2x5JyApglhc%2B5G9IPqwY0EyT1v2t6OJZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3AAB 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
I3akn3lLQz1g9vZa0G2Cot5pT1EGP9gHiA3ndg3e66kwrDeCzeRCfA==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3AAB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65974aff1bfaeae200028151004db3b7f78c62cbb1d35ae4fd4dc9a6b5ba1512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7897
x-xss-protection
0
server
cafe
etag
14967194832246457247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3AAB 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 9601 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qlCGkEywPDPSJ74CeZOC2RnQDmPyHjhxbWvCu_o9KG0Bc9hUonWcvQ==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9601 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad633859332408721118806bf8fca9a4693c57ba6c601fb56a8717312cb7924f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7913
x-xss-protection
0
server
cafe
etag
2053696295372006557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9601 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9BE3 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0b5b592f32bff7fbc3ab4061a1eb581ef2e4d85edbd3672a2f746050bdcb58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50788
x-xss-protection
0
server
cafe
etag
8311414177081728516
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
truncated
/ Frame 9BE3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4658babc402d1b843399995de4f2254c023a55a1dff796d361d5c09552e10ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9ABB 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aa99fb81526b6b0061dab9bce97f2943a59f6eecc1f9053c6a08d1effe016a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50787
x-xss-protection
0
server
cafe
etag
5882857181083513099
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FB3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVmMp75-vj9AtLfyRD0F0f8tDAqlzkSk-pEGWLV2OR_Du5yVfwZRj-e1rhxrH8GkzloH_Rfohgf6se_F0SqbGxKq_3W4CVy6JjLLKl87bU47tj1ZFGOzHBPfoqvGhHFyNfyQIL_yEx1ixSh3qtSpouhmlc0RYbhwuJZwIVjm7ubq7tLTXRqXkhvHpoHCmL8xm0JmwGDntgHmBXN0X0sZ9UGghNGjh-tcETcB71FXubn8aTc_XTMcCIb1NXcSaZn8rduWnS-xTyOhIzQm3mVbXWPjN_UyMkXNZHyE0W-bBODi2l_RiUJH1AHZ4LdyKI3JHvhmAE7H59wO6IXaJh3GU&sai=AMfl-YTK2Yve3zgDRHz1B8mz3hSJQ4D7EzW29eQgfgUpi_8UjJPKYExrYDOOuf1sHVBw_BgQ9Tg0PgUstsH6fG96C8pcDWlVTa_dEquQECSsyp4aVzNi3xADge80C1SUcTA&sig=Cg0ArKJSzLCJszQbz5iqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 498E 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3169470232552&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 498E 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3169470232552&version=m202307240101&ct=76&x=8&cor=13434467368271390000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 498E 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlRymPtu2DP5Q7gEONwpye54MbGZz--YqeFKZW8sEW9mrE_Yrcd3siHLQjhTzh2ZF_YGC8q85NLUngcv2Z8IZ4eoGsCmJyKeJxrS_8Md8DFB-UdCUx9caYOVIzarN2b5P5fwRu1n28PN2xkbgxtkJsihnRQeT5h7Yv9pncNAxyHIS4tIY&dbm_d=AKAmf-BocSvysEG0hiBDfk1yNrrOmXZ1FIFPKSDLP1d0ddfYvoIDETICYTsXhpy2qcPVXbae7VzszDS9isPXyT807alzm7A5I8mw-RhmbB7Vm_x7UUUlWIIOu978Q0MUb1fInMEGumCdPlB7EC-G0EupAW-V2S_TJQvtuLshGsNsnojqh4cCJRp23du9kH1xoYda3kd9FOuXJhqwRQl1akJqFw8k4im1A_zxorfYOTAXhiQjgew3CjHdRhITWn8CppEEPP34qxZagXmRswlPhtrFACLpQuMkdJoF8pLJf5QMyNlEuPwaDiKyXKN1beDrpBYyLzrjYbBOwwSJv_swXbU3xqZ-L_R2UVQxGFGMHh4JnMwFwtMLqzNyW25-MXCI90vXD_tv_yH6cb_vC3fCglq8-0wir9umDyU_koLvcTifJTMTnmFzgqjabrzHq0gvCvN9FbgO4cmtaNEH6Sfcq68HiYOWEysJb2VuYwgaFZDXDWmu1xxCyRWvBZtSwVKSxA-ZciwaJEBNwvR545qs_WbxFWLIkmse07Y022B3H45SO8TYn0hiGP1I19h8xHo4uC_WahyQAOtVczIBnSOKo61tqWy88OdB2_bUGD2fP54M68xEWpCBZ-g_8HqFOstUMPEbOQrpJ1CmHYLNotzjzGP3qO1SjoXjKpHuV_C7S5h0TcuzIwjQRDb8kSzH_mAODqBoH9_uHJVzohXiqpaHHr55B0aO-qjY15UK_WrJbm0uWKFCINE4Yzt54v3q5_ZLnobV20SKXmz0qJN64JxTmIdNgIujgov6GrPU5o31DkfVLeQdqDvLca92-vI1w9aoEB3XVDkOLjLtpWMjJ6P9Tlqx5T3-uUJ1gHcD59xWt2hPOkHQb5juyqX2NuzUlE2qqzH2N8EFXT3RasrxUcP9KA-k1WrTChTs2P7ohESTWzg4wKnEcMIlmcXUPooDSMtPG-508B19ayaoJXvMLFEhx-DAOO6Kaz2rqtBaVl23_ekT_F0jkB-nkIfc5L2w4fUBFChmm_aYlBUDrG_qR8VkpVlj5Zi2jrCtK-OE7IvbnnUNjCUmQmK1w9ZtScAwjng9Ur9tVrDpilPXMXXEcUq-pLUQxBVeANsmMFxElyTU49lfmFSN131zGfwGgt88lrx1cU_RTqINgoWoCXjTHD8kDX7c1p-rnwLtn_j7pRzM6I3uJFIqijxUwUXbmrCMfseSffS9SCMmsELNtjwryAZfpyyaO95fZXIx68lBbr8734LqB4O8U742BOvhkGOlNjLlo6zCAH1Lz3PdAjYiUq_PWIzS6chnt6hLfbr_mnJkJy1EQGRYUpFoxiH4I6qZcobzJ9MXP5pCKmQxqK0EsXXQbO2mKG73ZRCd_nCfAbWUcXOUY7B3ExPGEclgn_dvzHekH-iC9gxnHaP5mVqdBYD1p_wvO62FnwjKZlUkmCnIcC5j-oRryUaazz6TR1d5HqVu-sUNbPJKm8EGpuEZpJ4ghyahqrEDko5oCN1u9tHqHH0-_A7PNNx0DyH-4GyNvMaqELZlRiS8YzAiMSrhOQodSzjEC4_COufIEICv651vu21iTMH_fwC3PpYdixBh2fI0E3oPya-1CGd-U7gSN2fN2sOtmO_zQPH5yWKzWW_0QCozPxqlqgDQOyfshdJ0SzcoQc5HOEV_a59XqQgLonJToZxyaDYTSHF7Xjl3tKC0cQzxYhleTuQVJjCN4ofnqDA3TpeQIdgyz5xPTA3F0qtG0F6WHBos0Zm6thjdnUnImVEWM6SLhMur7sxL_NsvJ7CIiaz6j_BrcEmt4UDtuNmMVDaxBuoFt-ZbmF89oExGZ0kSU9WPoERzg1EYhHeIQvU0YafJkpLy4nlk5lW_DP8_kCM-bY6nbywayDlN7RkBAzd7NgvSeCfve07iqfJKdT3ublHh4P_shFJCqekeVcfkLIP2G4v5ZY2h_xAmaNaIlwcoE-h6AOu0ulpeACDGcuJMKN_jFCE7TJxzKnQOgRqRDB6L9PLlxNzatFNo4tkLU7KreNxsy8pZUxZeTL_hfiAIT5I97X37zSP9UXs0jZKxDeonwDpVi0DUNWjMAmSyFF5x-Ei20lMg2RdFqjg0-Ct6JAxwfMycGVuBF6bj99IGtnvqb5nIF163dVoUL9bvK-bjJNHDiSqGBT77IhrNhRfrwNIIJpfSBr0BoLhLs8qUuDN2-_HSyzosE6RRrbc4Bm7-oDE-2C7307mljmeLqBMplzFCBQ3_lDzvv8rZgJuFOvUrIJJjmwcmGvctWhtq7PyTbId8QQlBHULuOyUi_P4UtDvfsfqkFssEoOk1ZoYfT2qfDViOrhjdXvFc80tsogTWL8aHHEP_dyCxdulxT6EaUpJc_GHuLP1cABULbHRA_gcZd25YnUzr-m-WYoZ7-WNn2rkKUBbnxHmLMVgGvL_z8wpgT2-U2LOuLKbYHFbdVgNC-sLynkRYsqgZ2e8d3whWWg6zwNbcYvak4ewUdzUCZsHh-srEuyuQZ18b55nxSYRfCADH2ZOFjVZ-xl3fSdI_3aqG3KDBihUtCf8qIeLVIw8sm59jE8_UYBX8YNvHN19_8mlAFr7TecP9xGX8yv1JenvqjgCTpGtvmtzAt6QBc_HlKadYG33YkuZPgg5HckV6PpXyotmYVI6MT0d4898Hu8gu7XpBj0ZiPjj2NnstaNyzBhFtm9GKDU-YXscgtlnfJkh6lQ5iVSkCdwMv8aD1QKMmlZmnrZ58yDZhPdt6D6imu3skKLLtZWIbEbiKhosPyvIwLxKXt5dqwH8Pbk7T4H5HmFxMWY7VQTyw2UpWzN3hNLl07qaGfhM_U6IxN4jS8TlCsgm4zCnvzPv-ga_R5QhqM2SeDDY32SJUP5a1rkhFwVb5oWZtAvT7Dz9Wezwq4G5YZ0bcFesalyVECavaGv_ZK1zJ0M8N0KTjBIjOcLgOsplKug1gxnYWjQ0lvEgZUVrUDQ9wPnbs4KIHP1INtfWtrQE-4QuyIKwm_v2w6f4uUFu4G59fNYmf_etdgMZySj4iYkoC0i_Bw_hyy8G0NVClVzJEq3ynlLczD2Kj5CF7fsnuwAcsaC0iYSdD_phq8pKnf9hnMDynNwPGImZw1vVO8y5bb5R3OUhSix1vT90Y8vlO9Aw92U6EP2aFp45CNHm6c1ZAUB5esmkpkxJoB2i72bqCWeY3Rwj_yru1BubAPwb9tyK7WsBi0HQ0QZ-PF1jTL3-88M4NvCakLd9yvEuvBIE2aRyl859eLVwFLHWT5Txl0qvMA7QBZ5Kik47mpVu2u4UOm0Yi3OihdiOpCmhAOl6-02ufvClYjeTxU9a_TJJ5LFCyEBxsDqgAMeaGmE5VfaaRY-XdnD_chQx7cSBlwzpf13frmf5bnc_Re236CyAkmt5HRQ8uHtaunhZggb6EGnZMZQsAnuPwqRQfT2A2wDAQQF2O7g_EpSs-vo92hIoFa4GGQlCVIL18XDCDudOkskmW0rlCRMkVhMg6ZTxRemFyPxNZuTOwOFk1vyk72tsGD3A-gRRIENavpsm_au9oKmH4touFJfFxaRGGATJSnlwj11o7QXLyybv7s3DWPyNy7TkvLFzUppd5wKSLosov9UX7U-XTZxC3Ar1lrpdNkDtalW1b3mtn0qDk8cOkjptjy7VNQqwrViN2VAk4x2xwIg_h4ynaLFw4dHuBsDLNtVOYVZmw4yBO64cfu03uJdzcs4Lt&pr=8%3AF7FCD69435F0D2E5&cid=CAQSMgBpAlJWjJN5qGSHyqioIeohTMtZpCQ0ZtiArBOSpLFMEfVrIZz1prfzR_xRzmfsRqqdGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=13434467368271390000&adk=2050683709&idt=105&cac=0&dtd=19
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20dd75e3084b960f88feab7514ee660f4e8301fa978b1e4a344643f95e1f4bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41069
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5F67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5_dNtGVF7jf3lYQaHomq1VGE0YKqLbZbwM8QkoyMPdFUehjkB0zrFZ88UBqSiloBY8d0WcA3SAR2aB9IU_47_iD57UhHJq7zCYrvUM8g0SL3K4Amc4TizkT6NfDHfbcIQO_OXxCiqsF4gDip_wPC7hZVvMZu1KYK57EeuZhY2KeQijZrWPCJuSMfy7IWSe4kXzFtKTXgC0xm5SWFEkALjP81rcXbghbMfDDOd8xf7sB4rY_lo__71mEd6LySwz2kvIdo0l94pgV6j25uHhxO2Q9Uj0-m8iBA4vxLWtsOYjGunbw6xTk6gWLDyRrIn5mZHpNV9RUWoGLKQHglr3D4&sai=AMfl-YQoaJZYBvrS6lIvUrb8q5YEoP_TBrE0GB64TIX9N4D9PR4suhz93a9RnIyQNrPEuUag7Elycr01FdmtSma1j-6sLwMP_L8QflSssg9hiAe7cTvONw-pZqtEkF7bn0Q&sig=Cg0ArKJSzE83plmtH3WLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 48B5 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gHT6JgUuQC6HdudB6JuSyW
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
182a6d494489941e07338822bb1d1c4f02410e044e97f20aa28f364e2faba2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 48B5 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 04:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 48B5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 48B5 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 48B5 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame 8A29 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 48B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0zu8O92lfs_OUwYvade11cUenM7X5gJk-Z4txNrZnPhiXaHqkJj2prj2Ui6xbt5MscYFNZYy2c1UIwyQwVi8DjIvchluWIFePYigceWLoA4X4wvasX0ma2JF0ZngksuYPxUAnJhkXErjfb55xujwrRcKRp3Z8UyFW5LT8dTmEL4Sa2b2ATPMTggdEAyl_CwecbVNxk2yUF4z8os6rOM2xDZzijF9TJKaNyO60X26lhNWwpUJWxaca2cUMoG1RXOS9227q9TrVUtsZu9Aj2AxcbgMe9DWqfYklSVMDgYNfFGQcIozV5ONum2XwGrXJrKSqiZ3xu0LZrQ4bVeO36AkTMYfA&sai=AMfl-YRkpEPxq5IYaf3hFIgUfSQNkDgpCJEHg2--ALlESs8AhxYijBZlNZEZdQO2hVoXbZ5FAKKjT5KwufEP3BZzHQWXxjpEcnKC-EjcG0-WOMHBX3XQEBrqnQy0lSfksOY&sig=Cg0ArKJSzKRDidOCZr5tEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:57 GMT
truncated
/ Frame 48B5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be667717ad2c732ceb420c99a83e8f77e45343df792f279399980b3f61526800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9ABB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6869792e682b220e7da5b4ccf10c281d63b04ced7c8fa2385c22b31148659c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
4.js
static.adsafeprotected.com/ Frame A07D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalizatio...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5SvdZJTrNKqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5SvdZJTrNKqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5SvdZJTrNKqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5SvdZJTrNKqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop
CDG50-P4
age
90207
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
15X8jbvTiBza08qttUsKlNvX8ZNpoBw9EK4mnw8wVmfkfSLPDMt7HA==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5SvdZJTrNKqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5SvdZJTrNKqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 68D8 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441721
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ppTG6yHJ6OGD1JTndKIcgZCGEoywlNKTb9pdIpZ20CIu9sr5vvm6lg==
usync.js
eus.rubiconproject.com/ Frame 57AB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18679
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
usync.js
eus.rubiconproject.com/ Frame CD7E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18679
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AE12 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
encwumjulb0v
hal9000.redintelligence.net/zone/ Frame AE12 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/encwumjulb0v?subid=&gdpr=&gdpr_consent=&rnd=1692216292117545&extVar[]=DV360_SSP:8&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQZtU5CvdZKmWB8iT7_UPiZaOwAqbpoCiadWS6ovOD_YuEAEgur7wFmCVAsgBCakCrCUca3BKsj6oAwHIA5sEqgTDAU_QIUF6N0Mjnd8Ly0f-gNgc_myHRSaMc0zKfy7w4sb9mmCQPrgy8r9OsAmae3tUaPF82h9dr2gmhAT_hIrLBusaYd_Xt3kPriwhdUyiax8QDNxMQjtGCnz6Bv-C0bPGE569SWSWxnFxpCcl4qzfT_5VcWJ97UMtzn3Pks5CEunknP6m5aCsO5cabdQ-JvhJEG27WbvdGpTbFxO7FQdffI_xP2MsN9rKGcPYismOc-rfah1LVQgEPYX1WeODREn2jQbJlcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggNYmlkZGVyLTQxMDAwMIAKBJgLAcgLAYAMAaoNAkRFyA0BsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIqZjm9_zhgAMVyMm7CB0JiwOoEAEYASAAEgI8QfD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWyopr83fjus9qhaN2ejge9QTxBybjKRyHa7O-ZzHW8SyZjuVFqPk0RWZsGZW_GAE%26sig%3DAOD64_0nRO51qTqFRP5CrUrq8jnJ6DAUDg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-A-0ujpRoZX5bBw7PPRdNmVrYW1MpaBo9IfGnAqTHqEWpwjVO0Zhd6e2KVomB5rD5SDI9yROG3uy6TvwXirHjPctxvVEfZtLn5FA9rf9UK3tDkuz0owLlQPrkxlrsEAXeeN62nSPSIL20XOy-5tc9zXVKLwVBR4BllP4y4--UBDQNp4T0Y%26cry%3D1%26dbm_d%3DAKAmf-AcM2dKlEehrXB5pSKXWcOZlxsqdg-p5danWKlXEY4ZTwmKpHQqwGnhGXFV1tFkZWkpQ0Rucjp0OusUcK6XH8orxIgOv5U3GOZW4MhljSny1uJJE4K42MuJ0HFP_t5HSMQZA5DzM6Iow6X6P0jnR1Abuqo6SZD6KQ0z62jlqH8pFbDTptxtqbh81BtDnfPrsAWXDqQxkjtdLtLAAq2RMSOA34BaR48aTXET8xIgXPmUcMQi4GsqDaUPov13D__8FqVLZ3-UB-PlAmrP4p7j17rADPJoA6MDHXi6BtLThA3tddlMgTzWJ1ANiy6NH09xaeuagSVyDD9y3Lr8M1bWmoNFLTCojfehrSov0WBgRH3xxvrY1lI9hnDRwyM619-vlCw-7sWkcJTysOgZyMGL2kgScqXGWMkVoLKPfeWGL_TQm7T7Gr_fkQJykktCgH0-mDDzRH7KN6Wqt7WfPONzlImHVPv_vSP9iRZzOMqwBItzhI8FQAcTqkmaB3knRrdUUqDaclFvXoQ0ijPT9IW8KOJvO-NURLyU6oCBtcyxMgJxxgd7PRKNgz-epG_d_wmtVzsClDRgUaaBGJzf4I733eEGYrlpYw%26adurl%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
1c8251f8bc63f080d087dfc29f957f22da469c0ebb7ac292266a4e0c9a772803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:57 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4158
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 5C1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9Uq0Uj0c_8GVYCuLnkC10OSMyh2tbYM_zx16C4YTVtdnwwjZifxwq5v223yy77FLlSWUlUozYCG805mGvSHsUjrfbh2PTyq_dyMMNEBPMp61ukkcL0qeeVWYJK0Y58snaPZZ0DUOZaIqAAsL9GuW94Kq3xOCth4JFZFlGVY_vG7QvPPOiAE0yq88Tw5EjiA6_99Oi_pTgKTDBaB9hpXrhbxq54JDKmXblYl4EZ4P5ANhj2V-01YLmD_w5yAhKwuiyWn78aMfokT9jC4ohNYlfNElBWWvo5SIX17-PpKZS3IjgQV6qxgnXpLPxodvDUfUNbShapd5KdwfAvbocdX0&sai=AMfl-YRPK9ExHeMtxR3ovbCLC3SxchLV97BtI6DR1Lhf4bqbFG1M7vdOJOuRdv20ZaIVSluTkAQSk7oAqLUgGyITr-kbg0TGWaEPwX8I-TSVHntXHOBQv4oSN_WWBDP79NA&sig=Cg0ArKJSzDDBId6JCiJ0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
bcp.crwdcntrl.net/gmap/ Frame 85B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_cm
  • https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEDOvi_ysTOkGuFr62JfGesc&google_cver=1
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEDOvi_ysTOkGuFr62JfGesc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNX56YtiBwxySGn5uHC5mr73kAS0vmLlmjf9kpxG12rbmd49t8nHyNhCLIf7npOyTDJFJ-kQmBxe0vt8sAczQRM_GlSO8PJ0xsnw_jBJLJnM7ydiCaLuESkQ6mVQoHNT6EX2slQZgUkQDS4Ozh8wYKwjMVSyBhXkVBPbULqTa80TscbPe2A
Protocol
H2
Server
34.241.158.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-158-58.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.28
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEDOvi_ysTOkGuFr62JfGesc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2981
tags.bluekai.com/site/ Frame 85B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESENktOPRI0f49Mc_XKvI8vks&google_cver=1
62 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESENktOPRI0f49Mc_XKvI8vks&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNX56YtiBwxySGn5uHC5mr73kAS0vmLlmjf9kpxG12rbmd49t8nHyNhCLIf7npOyTDJFJ-kQmBxe0vt8sAczQRM_GlSO8PJ0xsnw_jBJLJnM7ydiCaLuESkQ6mVQoHNT6EX2slQZgUkQDS4Ozh8wYKwjMVSyBhXkVBPbULqTa80TscbPe2A
Protocol
H2
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 16 Aug 2023 20:04:58 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESENktOPRI0f49Mc_XKvI8vks&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 85B1
Redirect Chain
  • https://tags.bluekai.com/site/2981?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbluekai%26google_hm%3D%24_BK_UUID_B64
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=$_BK_UUID_B64
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=$_BK_UUID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNX56YtiBwxySGn5uHC5mr73kAS0vmLlmjf9kpxG12rbmd49t8nHyNhCLIf7npOyTDJFJ-kQmBxe0vt8sAczQRM_GlSO8PJ0xsnw_jBJLJnM7ydiCaLuESkQ6mVQoHNT6EX2slQZgUkQDS4Ozh8wYKwjMVSyBhXkVBPbULqTa80TscbPe2A
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_hm=$_BK_UUID_B64
date
Wed, 16 Aug 2023 20:04:58 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
usermatchredir
ssum-sec.casalemedia.com/ Frame 7E3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDJ8W1EwWFj-BCoLM1vjewc&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDJ8W1EwWFj-BCoLM1vjewc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72F5veTMVd%2FhkTTVKtilU2SywOSK3mupnYPF6CKU13GtF8DVwc7eXOB0KJDG8fGYMrpIkHYDVdY1gYhqnEBW9EOp2Q2endBk9iGhC1s6Hj7DWLFqOLou2fKpGJ6R4DZ6oNCkGE2xyZToVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a19593a37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDJ8W1EwWFj-BCoLM1vjewc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7E3D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:04:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9HH2JXWTEWVGVY3CDW9S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:04:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DWDGH8NYJH8FFH3MPP0B
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7E3D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7E3D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6671895379648701912
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6671895379648701912
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDC%2FbuePUaoXG1xFrdWl1nIX32cuth%2B57Kh3RP4ajsKnpRYMKyJJlU1xGVVw%2Fqhj6yXwOEW3DYUfbu0IhBFOJtAfS%2FB5k%2FQ0ss9SLy8mtY%2FT9BnYgjBzlg0%2Baxj5uVpXroebRrjwlXEr0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a1e483b37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
an-x-request-uuid
7049f665-3897-4a39-8d8f-1f43ed7a3a9b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6671895379648701912
x-proxy-origin
178.162.209.136; 178.162.209.136; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7E3D
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZN0r4gzkfLKSDsPHFf0tggAA%263388&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=72cc6d24-13f6-4797-9872-9e3ebc31509a-tuctbd6b16a
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=72cc6d24-13f6-4797-9872-9e3ebc31509a-tuctbd6b16a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5%2Bq%2BT%2FawIOYssU3KYyGJA9mHEzWISbYpfeYkaUXJ8LyuLyeafFOltjCst4LR%2BkzidSGY56PUmbv9O2myX4MwW0dys%2F5knPt023P1IFgm2z8RdMty7D3PAzNSIdX4O5pjE9bAbv0ux4gvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a1e483d37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=72cc6d24-13f6-4797-9872-9e3ebc31509a-tuctbd6b16a
date
Wed, 16 Aug 2023 20:04:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12816
crum
dsum-sec.casalemedia.com/ Frame 7E3D
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708113898&external_user_id=de7ef2db-7559-4d02-83e6-4ea54366e7d8
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708113898&external_user_id=de7ef2db-7559-4d02-83e6-4ea54366e7d8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjxzuOIPhhpdaap5jcMXr3M6jUSWslS0eDK2%2F7x1Z3NixKlN1Tys8SSEhKPz8UyvRlh0ootyQmTWMd6jUBAZNR3repMTjMaaaBaQwvVsfaJ8Va9cpDzbq9zLPKQYv7aj31u0Xg9I6ImdEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a1e685b37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 16 Aug 2023 20:04:58 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708113898&external_user_id=de7ef2db-7559-4d02-83e6-4ea54366e7d8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 7E3D
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A317FDC798E84381B009CBFACF0D0DB6
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A317FDC798E84381B009CBFACF0D0DB6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJYCBcxUjuzAMjJ7FWUX4c8mM0A4JJI41%2BvHs2R0XVBiTHkvPPhhgnlr5A%2Fd29%2BcST83AHiUfWkK%2Fr44c9e6qBSAgAcOpOO%2FC7UUMpQEiD5CNxSQ3J0rFZs%2BZ1ejcUJewt2iKlSS1BYGIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a1e483f37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 16 Aug 2023 20:04:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=A317FDC798E84381B009CBFACF0D0DB6
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 15 Aug 2023 20:04:58 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 7E3D 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7E3D 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZN0r4gzkfLKSDsPHFf0tggAA%263388
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
2461
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f7c4a183a09046e-FRA
content-length
43
expires
Thu, 17 Aug 2023 20:04:58 GMT
usync.js
eus.rubiconproject.com/ Frame EB1B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18679
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9989 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ie
match.prod.bidr.io/cookie-sync/ Frame 9989 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.108.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-108-9.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 16 Aug 2023 20:04:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9989
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2658299185019424115
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2658299185019424115
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzvcJwPAVTt46pp4anf07JXoI4sbdYLPMmo6a0xKN91lEI8y%2FfLdzGP5jQeY8%2F6HQcb5%2FPW%2BgQW7zTvy%2FKNyIyG29gQYv0WCMUJWRMZV23vpbZt5YrQusbw5hBFt6HhSYuWmL1lnv4J7%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a1ef93537d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2658299185019424115
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 9989
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZN0r6gAAADkb0ABV
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN0r6gAAADkb0ABV&_test=ZN0r6gAAADkb0ABV
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN0r6gAAADkb0ABV&_test=ZN0r6gAAADkb0ABV
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwifOe6FLr4eGdw0ZJ39%2BoHjb6%2FcTVUr667Ff47g0TfEkgkxb9hk6I%2BTRvd9QH4aOpjbdIE9Z22DvX46Aav8l6WOXlFA6b5Wtc09TXr5Z4INWWQCOf%2Bu1oSJSUeGK8YfFCsq4bgnjdNuCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a21bcf937d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230046-FRA
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692216299.358884,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZN0r6gAAADkb0ABV&_test=ZN0r6gAAADkb0ABV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 9989
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8117099621253661539&expiration=1693425898
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8117099621253661539&expiration=1693425898
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1m8xIdw1Ipvc%2FbSpHrPCE93aNyEaOifns1SI3kUbrM%2F201UuAM3yOaCPSiRotRtL27%2BsAtHH6pJFQjYe2E5j2w6zbnihxSLtenjW3UNMNONMcHsnHKS%2FWzq%2F9j7w%2BBEA0cKF4nIaNrOiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a1ef93137d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8117099621253661539&expiration=1693425898
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 9989
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588525887814035
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588525887814035
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1p%2FBiu8u6XzxFrFUG3jLEU9M5WCV7H1fj8l7UKp99q0hYMcYr%2Bd2XaczFJDLAA3DiCCnSJP6P%2FcoPL77BCBiFgsVRB28jjTSUWzNPNRmtERWgbJOg8r4O06Fkvtl49Qf%2BbfCpo8GFMDew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7f7c4a1ef92e37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588525887814035
Date
Wed, 16 Aug 2023 20:04:58 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=23728&dpuuid=ZN0r4gzkfLKSDsPHFf0tggAA%263388
dpm.demdex.net/ Frame 9989 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZN0r4gzkfLKSDsPHFf0tggAA%263388?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.112.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-112-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-08bfea1d2.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bMEA2YkrSvk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
user-registering
ads.stickyadstv.com/ Frame 9989 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZN0r4gzkfLKSDsPHFf0tggAADTwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:04:58 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1692216298789008-336
Expires
Wed, 16 Aug 2023 20:04:58 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9989 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZN0r4gzkfLKSDsPHFf0tggAA%263388
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
2461
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f7c4a195b91046e-FRA
content-length
43
expires
Thu, 17 Aug 2023 20:04:58 GMT
setuid
px.ads.linkedin.com/ Frame 3D71
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLE5VZDS-S-8PAF
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLE5VZDS-S-8PAF
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: ABBC7B1B5EF74958BA31215290682F2D Ref B: FRAEDGE1314 Ref C: 2023-08-16T20:04:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDD89gNLg9E0utxQ1Spw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLE5VZDS-S-8PAF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3D71
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExFNVZaRFMtUy04UEFG
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAosKy7RfwydxY6YtXXGSYk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExFNVZaRFMtUy04UEFG&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExFNVZaRFMtUy04UEFG&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExFNVZaRFMtUy04UEFG&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3D71
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hbaCVo22Q92qtl9Yp8d3vw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hbaCVo22Q92qtl9Yp8d3vw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hbaCVo22Q92qtl9Yp8d3vw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TZS0W91690KC0SR6SZ5Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hbaCVo22Q92qtl9Yp8d3vw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 3D71 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 3D71
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oabr4Sc5Qn6UIlo66NZPGA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oabr4Sc5Qn6UIlo66NZPGA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oabr4Sc5Qn6UIlo66NZPGA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZQZHZEAPYNBM70Z916QT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oabr4Sc5Qn6UIlo66NZPGA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3D71
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmZhNWUxZWEzOGRlMzk3MTU2NGI1NzZmOGQzYjdjMjFiZjE0ODQ4ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3D71
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/22nZQs_bs8yUCYuVmb41Pw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nDTHXoJE2oLVUEQXY3ArFZy2WTH7VJfcYvDx8g--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nDTHXoJE2oLVUEQXY3ArFZy2WTH7VJfcYvDx8g--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 16 Aug 2023 20:04:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-nDTHXoJE2oLVUEQXY3ArFZy2WTH7VJfcYvDx8g--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3D71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOgSknL8OBTyDc0R7kyJxi4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 727F 		215 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b80c16d331011d6e839ab8fa44dfe40aef93b681249f2ca839f71b12e27b339b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 16E3 		603 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198762025&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209097&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216293843&bpp=1548&bdt=1411&idt=4041&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=2&ga_vid=1630745151.1692216289&ga_sid=1692216298&ga_hid=1535669831&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=275295946&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076839%2C31077148%2C44796700%2C44799579%2C44796312&oid=2&pvsid=699619379780941&tmod=418020901&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=1&uci=1.tasxx3i3tw46&fsb=1&dtd=4054
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1642 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4jmdZFUep-1NjWimZpuGmWRFrv2aK3t5QnrdoJY7S6o-EYu9aO0BncAyTG-tstzDOunA47C65Fcen8uTp8okT8SjukDnYtyeEl8NXxYYDhxOX92Ax&sig=Cg0ArKJSzP3AMttIM7dVEAE&id=lidar2&mcvt=1718&p=1110,67,1200,795&mtos=1718,1718,1718,1718,1718&tos=1718,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4283511922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292633&rpt=3558&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9576 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJ7WsIJ2Hcmydnx1tHN1tikwy7RCsGahKrAup1xPQhMpAkPx8bamjDzSCIQoyB8ndXBeafgV-IqcJB5PEj8XnibLyX5zk8hg0phiVddlwEgq3qir-p&sig=Cg0ArKJSzOwACV7FierhEAE&id=lidar2&mcvt=1522&p=1110,67,1200,795&mtos=1522,1522,1522,1522,1522&tos=1522,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=658150668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292929&rpt=3466&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:57 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame E114 		0
0
c
prebid.a-mo.net/a/ Frame E114 		0
0
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		0
0
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		0
0
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
0
bid
ap.lijit.com/rtb/ Frame E114 		0
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 55CF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
usync.js
eus.rubiconproject.com/ Frame 8A29 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18679
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 23EE 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3399eb340dfbc43502ca8ffc57f962ce93fd03a76f17140d32152e334c8c27a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50790
x-xss-protection
0
server
cafe
etag
15465841367944645618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:58 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5982 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A07D 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:58 GMT
index.html
s0.2mdn.net/sadbundle/12784067222800087067/ Frame AC8D 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22859
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:10:43 GMT
expires
Sun, 11 Aug 2024 07:10:43 GMT
last-modified
Wed, 09 Feb 2022 10:31:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A07D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvObhkUAorBfYzq4n_eTQJ-GRGonXqrCkg3YdNQie2JY5s0NUTLXixqbUjAUghw34tWWbj5T0pAotp09IYQRUxxGFyc7wN06X9hDcrg12RQ9dD8EQW2WB2XZFmj8V2iz3cahUFHtPVhgP5GBXp3mE1cvieTF7cFHgPczHZWxOKEKImS9GzxFsSNhrdjb__lsQknAW5Il2Zj7qYXrIMxcxaQk8-V8CQIbcs8SYyeSygPzxKgcInTCTQAf2IU0YrHaNAPFoUdyU8ZukyMJDstqgplJfabe-ekGqnhFRmhkEM8ZsqhwK9O73TGWQzMghkt9FtYFHNNETRHDMj6NR32eDGFQv5YYlJ-Qlh2s2fPOcqiTPjZv1wGrhQig6F538VLStQnOVrtXFejBHRm1F0bU_Y-d9qr4NncY3fcbSdrIqKstRKJfZokmSj34bESbXSvhvvP0D8n5s1DjRBMqntN3to3HgWKkIAyRzuNyfWemQtLXZxYQFrjzzJ0cwguQ34mNKUBS1S_6gktpuyU1wnGEDJpk9MkvQPsrA5L_DT_RBfM6xJehhJ0mrqs0zPz2oKH3DCRjpHmz96hsd_bS5x1U6bA79VwFoKjEucKyPVlPkTIA2cLLGWanBM5SaSFOn61YqlS8GSfB1XzwTICKKgReWXyZ7Y0ixijxJnZQX4bdb0yBpXeUnMM4khk7SSeZCDSU0aaBOlCysvvEk8ROWZS2clny4MXw2JvT1Ks_E3J66TdQphu8wllnf4DlbVV6RIm-cllOrg6FZ9mLGnzNP7Uf_asRyrjmtgp-6Xlb3L9mef0MNaYFfX2qzCm2HTWOU8fXsGXxcvatTp81V30yJMZSgbnfuw8iXh0VXUMpRfBhlDoQwXbkOTmG5YcW7EdbsMAQkO8S98Cv2ETnUXnrEC_UyAA1xP3KWHHTgswTAsaSRMnjpHWjZs4KdERUCS9d0fhXQ3W0W1YbnobveD6QRTvjYbMOP7yMuSkwTu2EQ2dN3vThCNlmKrU2zzK8_CvqZs9h2QcyxkxM0mzldYDg9Js2kLV1FgbTENzNQ3SMHF0clUoMajv36kFt58upH8cVNmoNdiEV0xCnrs48abf4EpIVhfinMZZQL4XBRR6YSemTajmEqdMjIVmGx3cj0dmnQfGwDlGlymRvoCRqOv1SgqZdl7TnMG-VrVMOgBAJLGJff2_Wv1bn40GgKAmBhPpDDjoj_II70KkqZChDPnorUqd0MSxIg_Wz7omqm3rlazWlt3MJgaD-1XhFbMDxCsuMtyu&sai=AMfl-YQm-Q19qNqn3cMf5j5uHd0giuRiSH7Ccovxsmt-BLtUKVeSO1uH1fPcgh_T2nHm3HHWj4kB8oypolZcpuX5v755bo2y0CavlQECkc_NFDIwmWNK7LVazWVnGAJyZDNwatY6JoSF-_Aiz4xTluGhn00WW5uzatjuR7PBdCIwqsP7xaAF5xm799eI2Gjg4J3z0Xi_qhXIdiRyNl9mx_OURjjD1mZ1yrhYapeLtKNWKMrCa1vIsYhAYaeQisA&sig=Cg0ArKJSzOZiNaHUV960EAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2933&cbvp=1&cstd=2921&cisv=r20230815.83857&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AE12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW-Hj1U461zQwu-gIyXekCS9T1O2-1af0HFdnSQhXbsm53u4sEHUaYk9EzfBHqr6SkQVYpj8yv3dZivDFw2kgn0RaayHAOasAcwvF-7exPFsn06HdBITplEWfytvMtWQwYMlPHLhaw5xMHlhg6GOAXExQ6UfczSXl3dKlnk7QLEI71tss8LgEe8bXHt1tAfGvOP-UdO4cIxzkSJGtcwsUw3mOlLcGVNiS6nmSodRlEYyPszBNP7_cKRf_AqQ32QRDR0ovsQ-Z1oUXwnzvnSZpod_Ha5WdSAxqQao9SqdGqTYrE3jx7G67gF0YZNexnMb3HQQegBvfx7IQceAV0OLnzNnY&sai=AMfl-YRnutmmaRZBBoRv69pnW24rFEsX0r6sPR8hhK2tmgmAlxxr5lMcGPYcEKtTvqX19mWiwxiPcxEFeRaaz_VW_srhbY2cmyCPOh8eMOumzhuBtWXOt-VFOzDJh3vOtPs&sig=Cg0ArKJSzMtgs5GdnnN3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7F7 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1640099854534&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7F7 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1640099854534&version=m202307240101&ct=77&x=8&cor=5185918031109850000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D7F7 		18 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6OUouy17p8uZPRKzSQclFAF9y5sQ71RBqunvgO8ez3HiTlbjAl36xbypFlVP-jM_A41A0V66GO3ErMdn-jKWRAhyOOA6YgaaVsUfFf22vbUYwy3Fc2YSE9J2gD-5cAbKOTzJaKkQnZ90SaTYVxT_HMjEFXtR6HaqmzKHWm0s6xuRhhhA&cry=1&dbm_d=AKAmf-A6J8e1hEKtR1z7gvaHAoBPXPauS-YKSPMGXBxgYMQR5c2_vx4OIRV6POJR4ReNpGAIaXEbcPj-zq2JQZvQyN3RHAAA8xaYUF3bhkVKOqErztXhDJQMiHMIMvbX4swWqhY9wQEaRNGUi7q98DtVkVGwtYrcx-RRL61XyAx5QoK1QF83t7DsdhRuKxAfJaL_eUR4lUfS75QpjMgs40t-lsvbjgon0Ezl-9xSbVREYQ02XIG30Wg4CgDUzGoWabxQNMJk5JXNjYPIog3jn0uymqz3LxezeI0KrZIUgIJizqdi-WgVHFIfGX0oLU3Spbx1NSRLp7ZANbtfA-4N31E_twvdFiS74wdZn_-FQDM4sr64P2fsSjnDvBIDzZz20-fv2LfwyDh5FrfX-QdFmeu-8DjrpW-K7171mkUmaA-eqnaaEcPDGVGvlOyQFKNqBaRuSarTgrlingFm4C22BR_oF0iS-HGCNsbjkbN2yYWAaeNVLTQ-N_zNihnf1TxjonieXyyfJ5PUhujs8wf7Ot6SR-JP7AkBQ5d2YALLZT_tgiI7zlNZBFTFqhzqkPMBEYJAbZmfeTX8olsX5vczcdkVrE2u4Qr9sQ9Y_G55rbxe9JUJOyzs-JbPSZU3BNA7TBlYOoPiRCF10KvA925oB86-4CFCiSFyyt5vBovCtHzn8m94_BHKWotgMbW8P4I8Ql7gh26ToouhApoKmVC1aUBXeGY1XNePzHZte0YCImvmiXsb5AZGnAnwe0gjrjm30lrXygqUduFh-57B0O68rtGXUCvPMoFJPrkTNS54Tu0KIh72yzhhjc-sGkiFQOxhobwePEPMV1f379r0B8Rz1Y7KGgyeasWU7jNLVcuJ9EaMHCZc8LCm8h1wteUn-9JCjcgzibWRgcbiUx1VuEm_Er5Nz7dvWlVw4JXTX7hhx9oxBVk3aizhsCr7gXFWhBR-iRK_ubXDwudCCDI-AiDD0lkXIqlm0QmkmR_lQdOItwt-l2gyzB6stTwXJawv8Rwh_FVg1YuD4xvFrh9wYoywA_ngVonoqmtwOaU1DvEnr775BK5NfsX5XSk5h3iDl4gKMghY9TlOYRxtwkGb2-iHSD5_3Dze_nx7NWnzLWUR13ezCCC9pQtrUGopMnd9MXINO0SF280udXoqo9pTVJzc5RwgKpwrYe5Gt1BcWM08EphU_3IYMusobbPBs-O_yJjR7W3mN5ta_Iu5blLnaKpGkCg3x3iwO_ohli0GKS2-UZkHsdJcUcM2RN9bHc8NtC6RrdGGGjtevvnI1iRX5NWwihzOOUW8DfNYuLbxw_zroaQNpx1OmF1kt6vQJaHkIlH3P6GFD9BI-Ln8cTilc3PSWfLAvyaj9xhyHgCxK8PqzhiU_5nIOiP1OwTgKsrL4wn0x5Sn-Y18lcrqsrQ75EermYIRMpvfdlMjqd6GiOItqKjYokagu6tNl9XRpgb1RCdS_5bdZLjZdCLrMEPr-GL6yVaDIQNbz3f86QuBQC9fsqtheYapgoXcmjA8XEwY4YGhUp6RZe6OReir9gaVbaBW__KB4jJJ8AYuAu9M1O2Kt27cUPSioyP01nZ_eGFwIypnS7Ej96VfReXOHcMPEn-H_yz5MXzrxxKbx_Iu6l2tDGcSC9qa7OjhUR3hhLHBvPgHxNT27ZelRIcTGLi5dCVlyr7cb7eE01kXvyA8fIbtbenGWak3wMeCVMqJVob6Oe-QiBcPAH-gh7fLKx-LAlsinYkMoKasL-2zV0JG3iNGQAbl97saFIgHJv7fSIpWEWKrApbL-w7IQuPUnA155B0b66_Lcj7r_UUDuZar7mCPfxvroqr8ExKiXdik8mHB3eUOs-wfvklGcLuOVkWRV_vaHkuW-_gMrzktlsfMRB_pts8v_7ZDLz2Os9P--2p9D8xyjy-Hl9_TjxGAq1HJk5zw8GRexFqcBQS_5itW_sh44ksVrsk8cFjI2r2aQPokF6g1Ftroqe4fvoB_1dgyPt8_fLraDD-g3P9WRvYKwxdy_OD23Gn5K1qKzg-RvDhLrqxhoj6ZNSh1iMDK3Vtw1pmaDBxOrF0MInnqGG_Q4zNUP87In8qj8eeEcF0MQ3UhxRDhaef0hKlzQ2pTkkgGQABvCdgKvriaT0h2-jQj29Rj16u3I0tfMVpPyniwkZgAcQkQ7Zof1Lnm9cyvQffhM0iva1toRoXYe86uBB1FsAAAlekdh1V6z9Behma6Jw8DlyeULVejltiUWjRV0JPlY_8RaemTzMH52Qu1ReTYGaA7sozzoSezLHi19jI_NVxZj2AilfyDlCApSrAhH3uJzMzHa7Aw8moOer6QYLFA0AtxBY8iC4sEHWaKpjjFPFCMLT13T2n3rhfeOS0HIITvLrNJ_jLyMXqUWefaoVfeNNi5VlTxWBrG7OS9WW1cpAPD6z3KMn0XqmDXzMPxh55ou5icE-1bBJvrPpz0ZjlkKyZ6uz-tvc3XdA39jtLQnCMTN7lM3dgS_rClJnxQveDyrq_tTdw6M64tzhLlm_AfB3QIfCs0vnfUnoFns9cN0HNEd4joWEbHbqBn1wfSLSyS4Yn0JsG0emDFg2aA-GymIjLEZ9TwCRTlQMCwQx7R0myvXDZtrZo2Fhjm3KwXZM6KbZ62iZRMVGFuC4NwsReVzhCUXqRLMCnn1-eNcefhWkyNt83UAspL6ndCnPJKSgtFPJuaVdzhWFVmsbNzF-eBdkKzh1F5iiyCb5576fvR5I-D1C3isf4PNC9_ZwJiTGT1hoYagPPtApCB2_Mafo0QvTAxWMrh3XzkpG1H4LBG-OZaLgV0ieje8pDalgfjOse8LQ4uURsizLfb3h9s-5u4MwEzEYmYBAh4UVWFCgOiUzfuJ-_mCMj7SXWxlGRObRb0s5L7l2j1qJthEHgw3jFiINhqnTjQqPn4b5kni1Xvz8qzh8h8prp1tgHpZKpd_IcM3O3szZWM9H38ha-QWGcjg62chCYohZ5I4OZEsPzqUxGrPES6C-s0r1XBG-qjzbJU3krVv-9vboKLeL5loZqzeEFnoY-de_B3YsyIU7za8BMJaCmho0IAsGKasb3_NBeQ7r-TxugJYOCqvFTvFhVN3-RgCHO8xnUy93L5_IpqfQyCVk4jaDwSha-V5plz3L3KzzrZ6uHSaOwYZ4oWexG1014vf73DMhVOKkpPKhgVwZi0t1gpJHI9uvOKLERiEvHCZjcYqOYsJ8r-koEQdUZAeS-zkQhE3-TMMaI5SmlUq1IqblNEKBqDFtXwluSbv2DEX5zSb1kDaOydS6IkC_1YtvtAOD_zJfctaIlMT7hrXijO2ocZ0nEWP0NKmiU0fSf0KdfpChdcaDT868gquu-kT2t-qhZIV_BBF350KApTwlgLZOtoro92PK-xC9XbSnFjoa6mdJeQGhJwJhXKEbACPFh65RuKwUViTFuqdKuF5LLbsFNGnwJDdGotTQ2sKwR7MJz6IvJHq51UOecHOS_SFO2mAnI1yP2GfICzne8xNknZwEIoZoyoDjoAIGJT_vTn8EW09dsnRIWn4F3U1aY9bpDBgg4ZsAZjj43iz7GZt5NxLTDmguV9IS-Yglxw&pr=8%3AC1420188982E9EE5&cid=CAQSMgBpAlJWtbJZ4ANbBbsP5-7KRXsGiTRqQkcFb0DywLCaTq3YFK3bJwBg1pFCyUqBdCKZGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=5185918031109850000&adk=3319912836&idt=82&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad804a510807296e06e4aa76727cbe48078e2d56a1026663283a4c6452a03e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13140
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 979A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEOGQ6cYEGOf_i-wBMAE&v=APEucNV1reTNK4_exz9mYxLJV4WGWzMUF4VD8r5Fv-BT48VM_gdbNv6Ui3QawWNJbP1a7CujU4938oIlrbhyiR6aSitWmoKVLQ
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1121 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3112189783414&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1121 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3112189783414&version=m202307240101&ct=76&x=1&cor=14470737961470525000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1121 		73 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjCREVXaTZKT8ZNftsB3FAUkA-zBqBCuufW2-l05VgjQXMB9G65U3uGtQppBPu1aTx_-2o1WmfhHRZf6ohcho_z-6XeQ&cry=1&dbm_d=AKAmf-CZh6irdBzzyvxeUZtv_nEorF7zAfmpb1Di1UBl45DaWRP-flRN3FwrFL4nzWZjeAY9YzbGy4-EjjcYBEROcx-lAuuWMrUJHBxdhlCrY7CMoqd2l5if4pnQmALl-x-NReUCXfNFTAqDAcZ5u3QXhgaIRs3SBzXjIloPAEk52poVJpW2MOpZ9V4kyGz1dnCD057QTnZHxuY9_tP9xfaNtG9m6_o0Z0m0ezFn0WfQiHcUkNMgKpsgAL5wWJzXRUWMSbI01GTByAnMISVZd0SAX7PpfU7zJIHqBThfXkyWlJ5gSQBAuUz5RPBo57Q7Z_m4f6IwBVT1Ui15KheuQ_xa-Dtyxsdio-nekHTjxb-wDhfEp1vl7o6aicEjCALj9d2UaUeuYnQ0vi0snEb6AVc26svwcJ7EEAvf9scD6pLIndPbehzj4qOYIm6NsjimTdy5LFo_n5qB90N4QyKRdVJ9LrC34vzCd7IGhAK3wdy5qShWrDaT7LQCqeb5vexmuWFtxRfHoXl1pvYjyjkSJkY9QGQOpyhAwCjGi-SUUfn679wKO4mCwvjs9uTPW0eCA02U0oNi71lfO3t8yhWiHf8jktsQDprEc9N2VbAWjugNxIixmksywvifWyBfYWff6OYHUDxtPDAJqlPVH5O3_u5EFB_7vAYSKqkKOd66UxrSBeD3gdgZauljV0p4QaCVwMtG0BAI5_B9Cb7AVBlViEtCSXrm_o1Qf5at0CJZZyCJkC6h1ySpEfr9M58Jk6w7XVPfu8LtmbjRXIfeVcjNbfFCJ2nwSMbjymi6MDW51jYJANfdlzQmAmWkpG8MJWX_EkKAkapvrd7stxGoQYOMEiYrPKc7ulfWJCV8GLgpK5_wzkeS9eb6pSn4qrEsfkchPEfclX1EeOrVPXIGP1x2EoF1aJfN_jojo6uvPqlIZ0ehuEatPtsFTJ1GvmkHAL_6mCDitVemE5GOSfXzwIPIyOYOTcNo59kQwY9wY_z1dgpvNgXvKSO62fhEDKg8_wgQ2-PxlrJoI5lrzkq_BGwbWhywk4VdpaO8fWchrmaRQOSCc9unv4ZSJqlXru2TUZpTa6FDdJTReiwuvzK4l8rwTvyq2RW8jFVfGIbvTw9dPnzitKGfSu7yR_xCWRI6XsO1Jiufg1IIp39LthEdwnLthiPGzHRbYt8gDCEU0xu19Ky6oqn6gu6oouJvWvZyWnGH8KeKOau-N1BoKLx4Cp58bwzXzLT8ZnbWBkUimr8uY1yHPs-LMqtFs4GjkCu8DjkMLfNDtbzzV93sq6z5fVDkV3hNC2OerwExfkQmIic31q5AM3cPFt6djJMezRisDlRa6kx13bJgKiFmHsLUbJEL1k2Jbyb3GK_DbHVfnvK8OB2p4Aa4RbqxDidpONOVndIbKIExDrniZYf6pDOp9z88pr-SyRFczg7IgW1QnFKRi0GFCq7DoGDWBy8RIKl_7Ab73PE0jhBlNZ5VxUcYeMN8woaEFQpsAKZH5ti28gYo5ivxZ37ywCuSOmV2oM0Qya11PVkGOsEv0ukKrvCrXP4Qyhzzrx91XN0DX8avwt0eGgDHXfwzt29vHh70wkFujb4U1Q-_mPt_dLX7TU0MZp1rRyy9HCfkg0SCHbeHn6wMkCL1FWWsjBwofRS9qWlX50TAn5krWZxFeczyMq-ocDWMAK2_AJCltBdQpdM4_shjInhsA-WMvNpiCd8hT7cjwDL8Ns09_bBUc56N-6a8M3yD59d_qjm7nlwhmpx3r9tkNSaRCpg8ubBTXvQshnxavzwhu79q9Gmav51jq_S2VQZBdwvgkj-1S1wux95Obs4tp3jW6Ui_N6H3btxWvnf25SV7cqhhh3ge6lu1t192HK_aUyB2L_w98WMZyQmmUJbREXp6XXn8rQs7NWiMyeBsongD3YEsM-3D-8YR_WnC2T4aBFQyhJADCp2AIm-sR8YTlblNxuZciBPpQ-QITOgZ9WcecwVmbTil8YY07-Gd-77eayUPX5umf2QgSnrWcYJrWkDLaZBT3Ogx5Rw8EyFaUMyqLn-Tnr7ZUnX2SAHfwCxMzj-9FKkTlluOpv_qrwtIkifWtmcR6PlhIrmTmg0mc84XzgbTDs_0pYE2U93y7UB5bBW-WglWL89ynlQsOOl1bdu4Om0_0le1GkNt8c3AmomSd1p9r3FcCt_9k7cRp_GW44EZvaTLTWjLYBIpKcphJjIiuTFlw_1dpU-RGjZpVZlFmNJeSBHuJ-mWZerM7qX8ESiVhBUyGLnMfWtOhsM5b5vdOKzUV_hk8L-dm-Hez2SxCoUSU1R24eZoF7PfRphWodgyDp8RPashcu6O--JlvPaLMq6QUtTWigseRzN3wWpj8Rcb8wpm9wXOE0Y2DQLbnVBFjbdR4MCn1F_nxQhwod3Crfpor74uLQZWNkC3RJjsxVAPUcmM613sBm7yxQRivAwW6zx92BSR--huM_jEIwojafnNYv-5H7SXeTG4H8Fo7DhVVPkqGhNF8DETBAp2I1fLzY5J0uPOgjczPho1VWegtl1XZwJW0zRC6i5gDRQhfRnAbCEZeuifbiznO5GpRWyWt79HdjE1iEssiVO_BWn7Fer83xZgvAQQAF12JxPQ3eilBFsWm_YYo4LaiTSN5CVuZqsKJj9oQnl2-5cHtps8xmGlGQ_pXnovqkpX3B95JWFBW-WjVfBxPn9QNCt-BovQG015GpVHeQOs6ZnVhzG9lfaun0qQNhmKtEz8Rm4-ZZEQcOxllpcP-1j1OsbOQXtXZAXW0FzFELouQ7ZQAYtu_Y68a_ZKbv75A-8Q_l5D2PNywbjiLR76R6WySzUe1np-RiUjuCKoqgQbnhoK1ZESGkrjMt68qwm5q0qLaqkE_wntVqlXNmlQfX9_Fwo318nFmLIHCnFXVx-FYaCgFJVkfXJ2AmS599SJzGvQlvHH7Vttwdl78OnDwRnUVn-_JJQ735dl6_7WZ0njpv4XYYNRjG8J20z1TGISN8SKMypGl_MYfW9t2aQfdnqXQokXGW5z-j2EhmzQnbZXnyeIxQLC3Nm6AbUCqUkoU26qTXTz58AGg9eB8jKNMjKnxbbNQ0v3RBOJ51AlTOns0UzjjY8QOvBmrZHsiBlIKDDR9om8SLb1w9K3pds3GWtqwbn3-ZR7wKynRw5mfWShAdpgF9xW-OHfFxaYbOXa5Zsjre9sEV1TlrsHPtbpMzICXU1z2Zv8y5RmhQWd1DnAm34OQdTb2xtL4tL5KUmDByBXYsaPcQurP7qe4L254AzeYdqpsfNw6s6py8oTtjEhojlyQkmiR9sycckbTOoHSjcLHfoxgqfmTXFdRYs3XdP6w9dS8sv02a_JYSDUXZFH7uTfldBaU_oDwjnoUKSKdhUFVms54bpR3e3975d1ebTkLEbSumLZWqcfPyG1RIfZylyfvV00gG4kkwJ3nlpx8bKU8Kubn8ANZ-B3Y9bUI0mFUWWMFNDnRILHrgvx7yzFGGqJ5lO_Ja5AF53FNo0o2ilwpByFO2zvIh6IQ33Jh2eEZ_3q2-Xr_MeNoymFjg900CzvNg6vpn3u4ohPys-cG_kXCt-eW2fkzodkO2YMX4rDNMVbF7pQroMkZH0LYjIyJBLz0l4y3p5_pevDAfCE948UUUgFRQqrZT4lb8OoOKU5bt-lB98ARfJcR4qaWdUUB1cJ6hgN3Tk6nZeWYmShzWGjwY8sMnYce79rB6fM&cid=CAQSPABpAlJW8sQe75NoJeqJQ1NvMyYUiYvRc14u4OqLdFFWxZQ-FEK-lq6BLlm3LW1XV-Mb5mhSHSpqbgJj-xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=14470737961470525000&adk=2123886299&idt=94&cac=0&dtd=82
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0b921327ea30430a800795490050fc75aee2e7eb5348429605652c09022ac9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33511
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3AAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNJJRmqQ8xqOyWp4oKvt3xo8PUS8Y4J8yKNUOgQrY-JV6RoR2UdKpgLR3AGX1gKlSOdrQHizW33WMAU9Daq8vnoBnTDEGSbmR3K8wSoAJR81SrIFR9OY8BAS2u9iFm0oZTsR2wuObHbrK1ueDDITESPf1WHu5i8Fl8xf5n0IjTXq0pW0UkbNkxrPr3jH7GQZW_j6PIpN_p9taQGjUkncJfcQq4c-9tQcULXKSnmiD6GsRxTmQzBuBv7pzTykbxh2owGvOsE-HF8V3_3Tan_pvOkNCot3gdmJMIQiKA3e5s6NKmuuEalWN5-ck4jvo0H48Cwx7O7d8gkUjbwh4TsyI&sai=AMfl-YQBcHcQKlrRTUXjVuciIlmhSglrjPOAMW3gOESG-coKyyUwFqAOrycsv3qZcUrrCq_rqJ6-D-Hy-3_nWY_sXQ8sayzaBUlKGKo-fSdkaX0VHtCTMlXGKIVzWFK6wGs&sig=Cg0ArKJSzCCNcwvwJ6S1EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9601 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_B2h64cPEIoZE6FaWYQvTmkShBXn-R4ETmLblwMctoYfGCVYn4fih2Q2MVfTwav-W6t59YKxSOGoHmFdDQ3YvZrUKlatmScBe8AymuZLWg-HY-BLSKNA5Vp9rS8inkk4meud6Acnh_viwqApGsUK7_ZzYPmHT4Zk-G_EcDnyVE9fE-3xj8AEZ7uNUESxV83G28nDuTLiV4wUIJrTrVdUBMPso0E-sxqPBtcjMjfUtVpqIYNY3oddn3odBAYg6jpwA98PWtfw9fjsfa78WuTgAQggOHbUIwroCzpnMYjxih_3zXQoKz5SkUC7fgsI95FtlCLDVNryq-5IpphxJFhw&sai=AMfl-YRbZnez4Efl-GRBx_BwWeLg-xfDCDLA_fEcE7XyvPjcMAzDTrjoUU2ukWvnk-bncZrCVhiWbWsExrGP1N7tmS2clmujkG2tmw9b0mErk--0nxuDfkVRjjzGEgc2_Rw&sig=Cg0ArKJSzAjgFwNdcJ2sEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame D387 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGL-_m_EBMAE&v=APEucNXCZADuiaWkGLkS845EP4PZluMkoPqv0jhlbDaz3VMsXHUj0oICRzLEzwX2g7BlmIstMWuTqMRSGhVbotc28onxCN7eEg
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1552 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6714149930157&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1552 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6714149930157&version=m202307240101&ct=76&x=1&cor=2661047666092508700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1552 		73 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlTbx7Vr9Q4a9qos0NFpvl6NW3NBmPqgwSthDTkN__KAeobgT3W9_Qa26Mt9yyfEJFRjf2HsLBbjvzyX6tWUA110F2sQ&cry=1&dbm_d=AKAmf-CQwz85UQRxkA4DKi12ikft3XLOn19tNitCJgSMibAQSSHIKyg2t41WB3wk4MdzU4_BR9kKPgk3wNw17OT8pWHYInNxAynRi-oZ7o5P1XQHnxY_NoRZdZRsDqbIUIiT8giY1enYheokVxQ7lZKGHildvIHsXuudvELOtPEW8grjrVblMkeLIM4ZVMWLL1jxd6bVqJ3iXd_t7S46vWs15JqkrN95-MWq54CcpfpsBxoJvPr_ES9Rbxo9eCAvLpyMGmn8wLK140whxxdvQ7DRjhqXexDyxkIyPyxPg7gAVVDsg1yBuFxUiJoANTfWlfwAQuVrzQnP0KCp-MUHX79RS2mDBCUQTgleC6zWju1rtUchXLThniBcK9yiM48FoW3dbGR60SBE5mriUsQLkAshswLi3jLi6ACxZ6Yt1c3bThdSI-iHQ533xPXDPo2D2uYxTyDC8UUNn5zpVXLdZGMQVkrrskwwKjDqEdRXzJk_kKOj2l54zsjxLj4Txt8Ms1KfE1RufWKfvk9cPdtQQ9mQLG2n-w8pmiVf4uvV_xoy1WEAfe6bjbZMJaRpdsoSg3-UnWzlJ7WLdpHc7aUV7zEHPZdfFYgTL_RngrYIVWBhNdNgH0QNkFq85e1tpjWf6oPqzxMAIQsmtFasN2S0nfc_WGmbRhTjKMvx5mh1gnsWq3CXZgVnpKGYU3_9Li-3lSat9tpnIpRUVbGtys2odD_d3aMjJC5_JVACUnD5RaukoupG44oPQVsWpdGWf49VzqXdVoDE0TS0D1E56_5kXPO7pjnaMxfaePLx4NzrMG-Xhenv7nbLaaWBv3_KmdXMoPDbr4b-7wHqmY8kwnAvR_3zq9E_GUjjinQfTWaqzQ1Cmt0grNnJkheEmOleKy3oFRY7Xm26V8W_Qb2SIRxZyWHwExEMySo1nDnnYP-YSV2aQ2wJIwN-sMH72c1qra5EgZQIA5mCSZ1_FSdlyy6Jjt8Bm120kfN6NzUQPbrXCGPV-g187bhSEuX93_V0gPUv1iWo5l9pxZzbwz597cqRmtIHfNEUiPGuqa56Q16uSFCojZHap63ZGrxYbTKaFrQcazph7ADFDZFy-_9CDQG8EIbOWn_4HN6Xykd3OtwQoRbFQdnI09uh4_mT795-I6d6QqpKc3P24k2wxppBb2P3B7pyBO--BEXtrhEHgVKn4wYT55Ai6piw7rFttsM5d2yBWPj3qFw2CftXKlkmI99pbyrV_w10-Eu8in-_-Ml7BHMiYjoKUWCBEhwOWF4VULs5G6JT4tUtv47vPrKdjjOKmePnePph1YMgqmKUJRTXqz01Sb3bVLUlT49R_Lj-O2kYnhmpzk4qy33uzCwU8IcWnwJzZL9i1F86QBmHnZH6nhoFdrvIpsofDadab9e37sl-J6RgJKZawBiiSwopBFkzLsgzmrwBcIMA_0aJBWjJlKlEqqVtMCd8OOSHHLA_PcpecKMFTL3LyRis_6n4fxJtQjirIqwti81S4YZnW7qag3RMTH8w2eB5Z-gIRqnrBmbf8iorfH12tre2HFQ2PVZjs0r6K8gIWjieGYhL4PKl1EvlB9c_XH_c9YCcFZvcQAzFG2uFRqqtc6EblmlH-l21OIk7m2WSBgg2BPN40LugROSy9xE7DM8f429fzWwYI5UraZ4ssbO0B_55eR-bRrk8GnAfb5pgpKifj5vf7KdRZgaoBY801G9ObKQXjqaHs7ElXj9YCTKYEIOdPSvyLKpoaf_3hruq9sG8hdxhKuCOTsogm4_ZJK9SOP0ZnoBxW74R-nPcCJr4Km7krdolkHtMGd9SZeMVUV8xFlOu-EenYjc7tYUqKp8-3SHgJOTNC3rMRiLDQgItROWZ_S0rPfd4E8NQi4P3hfh3Y2HFjqBwLdU8BoQA_X9HjDjVkKJGSc_Oi8FGgBfAZbXIVdY8TwajDuZNVMciVCxQEQKRK1LkmqMmOxgeUEyGtLD8Ik3-Iczmqr6p8g6RkwZkQylx17Bv8alzZv8kNIC7SVyOpCYt6xO8T-2S9mHe9WWqN9lvfVULAVneHxgaWU24n2P_bwDfybDtNCrdZBPpzm1pgn8TNBxT2FwDe-ZlkcchzVt9X1rg2xqG7drrpuc-K_pearrnYfMdx_LdIoAUCu2xcxZ9Ms79oYHIwBcwO_FTbF2uwM6PfglgYsjFWMANQWr3l-xPMHh53CQ9YEOfrIs7zxiop7NwvVxMcunavUuuyHaDYpVx7HYGnCSqcbqPaB0qVGrB5cjxW2RxX3391izxSxhCY6Vl27LuBKxZrXxJRWdNB_I3bKqOS-FL4zV6bUKvirE4ysGTuqmcVrA7GPkdclhULgvkWGBw7jgsf50a7SOH7AH06-jYVdJUM4310SVyCSZL7Nb1f0GfdSZRR9pmrT9ZldbSAnr_P4aLsNgtvJIe9W_p4Rif8R6Koh4vi4Mbd92mpdaqzI-6jxQijlyhXJ68m8-Xvf1AlcE8laSNQDZYDWaMNn94VitVNRTfMtaTRcA8quCuU77W2Rwuj4H98VTIK-GlgCi-fE3i1VTIYMJTx1LdcQEeXxjcb61s9CdCirqID-57rrVVW_IA3Kux8xcgG_NqfCGNcMwa0zaUeAe9ftRgiIrp91Bu0Cz3Pa85EN54ggQ4ZG9dl3kHAn21tXPh1S28eG6DgR1gOV1UuyAiaiMnOjhG7muJ2V-Sth8nT1ALeoI5CzFH7YR1lX-MzeHsVNgbNzJu229JiNWIZ5QaClI6o_FLOrFQq3fzBmSyjZnlqFEZ5rwloRPSh_xH165ap68xaaTkCkoAgCmZnPaRyTQNHQWrXtKn7gU5PdeE4_0YEcWKB6uwK-1CLD5MDtDygt-jnN7xXGxHBCHkcsEIJIgyib7_F_2lkF_Po7N8jsrX3a2A967tiNJADNm6uHx8tk-Jaxyx0QIn7DxQLXDiUcTgXXkqh40i_25ZRdVzflbxihDwzq5wWU6TcxK1Rgp1KmZggkxarFGdh-TUeMpTHlqgzxCBXRnAcS5YE2lWWVgyOGc8SGB5edLeYjIMhMFJlPhFFnAAujp6qp3XOUEy53H029VtID0J4zc1iWgiWdDircNUT9FOLQAR6rHU_-793OCDzN-MiE8Ejeu3AcuUpGpCbl1LAMpganhzljoZt5cEBPc055b1x5W-puGsJSfAGZqtUQ61ZMA7mEFQfNoHxgwgcgjZ5hg7U1KoelQuDcGWKLatsffiWBWpH0eoCA-HEY7szMLLj-gW74Lmoutjeay2xE4URD46OIwm8kuKGqlUwafxAHQi6cc-XcXLBC-asmbSIXigq0T8JSa4pok_4G6W3YDub3wHm84tNOp9sTzOk9elLweR_3_jXpc2CIDMzxk6mO8BPBjxTVZdmezNcnv82N0Vj_ooVDybAV_4kE7uej1Ga4JzK04rMLzQpejiMVYQd_d0DdNeCs7q7_OpSBs_D9AeuPbK-yVnyzr-ms-T5RNrUbK4LZx8T-RqU3a3djUpkYXyAv0k3-MmnQlkWcyo-PawcAmZa-ycjNnVGoW2XfPnOl8CSOPwO0WeHi3ibkQPixyyAQaoCtUYTtrNvOkA65Yx7w1s9y5s7rn2bcj2id528nAKX1RsISWbezL9uIblAXM9wkMO54-7yeYu_NS1YHjVpofVmujJ2ggQx6gEZaGnOSazrN3AGWne_faH70HuuRCjQL_Akt8&cid=CAQSPABpAlJWjHkaA8yCmm4y2CfPrxqjzP-A5-3_KGrw6Q_MO-2hj7TcTjWSE7r2_DP5r_aNlmu2LY9f_6NKrBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=2661047666092508700&adk=1932572522&idt=138&cac=0&dtd=89
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1f049870ba4949effeb6cb641be2ba083ab524fe2a5b4cee4a8a69847bb7f7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5F67 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a4fc3c070cdbec01bfc269d65ee1116373dce23b6e09c7f2105809ddc6981ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50789
x-xss-protection
0
server
cafe
etag
6203508409802849742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FB3B 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70c6821cf4208f0951f8fd46c6eb578b24331865dd48b7904285d27aa796f86b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50789
x-xss-protection
0
server
cafe
etag
9653663202577324383
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 498E 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gNku3WrCrxk4H9Fe5XPLxh
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0ecfe08ca12a8ea34882598b92fc2f1ea6fcec666ae933eb498952233abfed95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 498E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54806
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 04:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 498E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 498E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 498E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame 84D5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 498E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdRmY0oDM5xOztBXgxOSgJqRZ57E4JXTQESVBfkx7wzMSkSXvTfGVKBcM9-D_Jq2Mz6fg1qTFR3Z7yssIcnSCXfxpX3cv2uwIWoueJRA9aY5x043EFL5xInVuvyOMSnWH2TiidFRq3ocFrVYpW5iCns7n-QaozDBVZZr2xfNJbCO8XRonBCE5bxQdHU0k7-LdrhoqvoyImwfbFd0b1H-Z379u8Ss0mC4EKT6GhLoWWfS8OiYjZvgblScdSMJguy2nOwSXn7GKa6x9Xd0tR_7iodqY9KT7wANvY68OLI-onHPptFJ6x_fQz1DahSDyiTyi8d2CxsvyudmyM_YhXSjhRcXpH&sai=AMfl-YTY6YrGqmWQrLKiespns2bLYWdAc7rXu7OpDTs_Htg3kvwnutaASN_Al3bkGs5gMvViFU4QXvsumxilz1tqdZe28rd_lz2fK-JnAwJ1Y9VJHEZWmWFPYtZCxnlioCM&sig=Cg0ArKJSzBrQRTHdEU01EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:59 GMT
truncated
/ Frame 498E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f5ce49c76969ff740f4eb1473ca6b5ccfac1625378b1f30f91bfaa3e3f9f184

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8&tv=%7Bc:lurM1z,pingTime:-2,time:1391,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:5428,beZ:5429,mfA:5430,cmA:5431,inA:5432,inZ:5435,prA:5435,prZ:5447,si:5451,poA:5456,poZ:5481,cmZ:5481,mfZ:5481,loA:5760,loZ:5763,ltA:6817,ltZ:6818%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1391,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B1386~0%5D,as:%5B1386~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2*.987057-61527017%7C1b21%7C1b22%7C1b31%7C1b32%7C1b4%7C1b5%7C1b61%7C1b62%7C1b71%7C1b72%7C1b81%7C1b82%7C1b91%7C1ba1%7C1bb1%7C1bc%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b2*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:24,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:1361,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5C1B 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38f752afa31582f4e767008e3037ce187b0a40e93df770736fa1db46f52b953e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50794
x-xss-protection
0
server
cafe
etag
9558891052085514491
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 10F2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstt_mgResvQkV0wIJgP0-9tXDVB5fx-CAEgf-pmog1d31-pQknqShN5aGUdeaXLKQ1zjo3w1FrtBuJSFd5l00xuSUU0VHLxXse-mk-uLBGEp-tssIUx&sig=Cg0ArKJSzGTLO-8MxyzBEAE&id=lidar2&mcvt=2062&p=1110,67,1200,795&mtos=2062,2062,2062,2062,2062&tos=2062,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1332890142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292974&rpt=3984&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 705F 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalization-derealization/test.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hH8Z75EmNbRvgSwYbGy8rb
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
46486a3458168605c84d2bdcb13611fe529b53dd599bc541fe68348fac34d932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 705F 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 04:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 04:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 705F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 705F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 705F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame 088D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:04:59 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 705F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmNIBmA3g5i2oe-Gf1qKyEwHuOOcpX2d9V8-cEA-kXP6cTnXLGeux7f2jTtvfHQakeTEEcX6JmwnohJuvdc4FCJ8vk8Coqy9944fZE4_wH8CYE_cSD-ypgtnHqZEUs75hKAHzqCBT3PfVNCQxc1K21EIB1s3Moy08reMvWAxIoXFrqbKGC4KmCrtWbR9W_cOgkMlcUbhSvOskfgjmIgXpNIYD_DAeo1S70eVOEk3PgruISDscw277ubgNwfeRxwCP1w4OXdYs5e70LjAReRM91E2EoqmRkbIKHowqhy4JfgwsUtDirlRojR9GqyP9abBNJ3W9G66pv0PHDi2FaIq31w4PI&sai=AMfl-YQLcGxMthf4GLTuV60eNKoM6kPYv2qQVbx3KtrhwuxNasFPnnMdLXoYm6nJjQZUFgEaEmRcJEOwTA1fFyGS7g7lhOfCCr_x3jFJVV1g97lSgP-voVQe8SUjbugIiNI&sig=Cg0ArKJSzPOw79Fxv-yBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:04:59 GMT
truncated
/ Frame 705F 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a486904a4d1261fc70e81aa2b70c7c4a709dc2564c5c52ccde4acb9a30950bbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame AC8D 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:02:56 GMT
4.js
static.adsafeprotected.com/ Frame 10F2
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalizatio...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZKeEF-6ZjuwP4N-juAw&cbFunctionName=goog_wrapCb_5yvdZKeEF-6ZjuwP4N-juAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZKeEF-6ZjuwP4N-juAw&cbFunctionName=goog_wrapCb_5yvdZKeEF-6ZjuwP4N-juAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop
CDG50-P4
age
90208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
bsImLcUHiSHYeubBQ0gxmQXPUnVNn3exqd4uiNg1z8iY6AQZsq8iPA==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZKeEF-6ZjuwP4N-juAw&cbFunctionName=goog_wrapCb_5yvdZKeEF-6ZjuwP4N-juAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame F7FB 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441723
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VUKgj6kE53CpnjbhMStwN3xl9e5Gn-wLObDbEl_VjqIkeXLhmfUYjw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 48B5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_mr_n2ERc71IjK410ulqa4Q9UvIXwcgT22znMp3EMJWrAQDaopOYxGjSPpdWA1sUpROv4OJQ0W6fr3N5fnjmJlxPmy0KH0XwW60gNqlZmiOuTxp6Q&sig=Cg0ArKJSzI12eXAI9LlcEAE&id=lidar2&mcvt=1747&p=1110,67,1200,795&mtos=1747,1747,1747,1747,1747&tos=1747,0,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3085048810&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216293296&rpt=4303&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame E114 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1692216299361&eid=19761e5e69f4ce6c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.245.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-245-178.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=1840674376439307&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=11&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D989312272d138a19%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_MYKPuFJbUMia1Ypr7o7NzqvZkYd9g&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216299364&lmt=1692209099&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=2ircnuksksy6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=384&ohw=0&ea=0&psts=AOrYGsn6sAOYI5Am5iEVHDz0s2JTzzZCkAa-5u2EQ4YVjhpq7MsegXjga4FZtp2ETEOG2z7mEfoBzIcUVS4H8me-7Z7wrfw3%2CAOrYGsk7WUeBkg9onGhRZbcr6d4QQA8gee2Z3pnGP6OUiz0SJeiV2MqwvYqJ7lOPOa7POlpOfWfuKkOZd14AzQiQMA0J_2S_%2CAOrYGskayGCN7WymX7f5PmCJJVCF5v0eX5B3l1QmZJ4_Iz4ix9GvZf76YhTsDqH85hluhakKzZa7vSXS-OpzcrQcJpvETOGy%2CAOrYGsmDHXJbUZNtKNN2p31MOviyi84NEbLz06pOZQkunX2SZ_0uGWJBo5MWl5RiNXqSmhkPaem0WqGsGc-WVmvKNhqcm29i%2CAOrYGsnq0XaE0XSspKQE_PtQBrN3PR6y2Sa00_w-5WDj8uTcu-OhEVuaBbP6btBqkwB8SU-ow3BANDWdL6rsMNvhwIGJnPJi%2CAOrYGskBW010C_H7KUk7k6XcsJwtyVMRKs7OeIVKKzqQDs5X0YeOSBdtHz8B5-4N5TSrsi2wS36MhlXyGS1yeozugsvenxE2%2CAOrYGskhYIYjxRI3EkacpHNESJHc_RYjZmWSgA3avKmw4LcDXeGp4HfwJJwKLWvOxiYb2MPFfYKc9Dnz1SwPG0NUPy3slY2t%2CAOrYGsm_RMzrNYn0lL4BIC_CAGowgTOAX3FeqvnzqqxWAQSngpGnXa1vF3JMp5Y1RzUbrP5UKzT2FS6rghYngS9y5U0jiXxv&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=1246821082
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ace4c9dfbb8d97bc5ae16d49b6e4b05e6cac468fe50700c0779dc1f2a7b8c8a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11638
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346211
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 23EE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d96872bea1ba83b6822b8937fd9409af3e0d8d9dba0e706d26763d24357d6ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 9BE3 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0407e997af810be2440b9926e4707ebeb2402754c7ee84de02b0e37feee97dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128231
x-xss-protection
0
server
cafe
etag
16569481418951505653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 9ABB 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c11197d87b991a70971e8f968cf79c980d7702f8c7144ce7cf6ebeaa4e91b45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128225
x-xss-protection
0
server
cafe
etag
8852076438544443192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
usync.js
eus.rubiconproject.com/ Frame 84D5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18677
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
4.js
static.adsafeprotected.com/ Frame 48B5
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalizatio...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZLubN-2RjuwP5dCogAc&cbFunctionName=goog_wrapCb_5yvdZLubN-2RjuwP5dCogAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZLubN-2RjuwP5dCogAc&cbFunctionName=goog_wrapCb_5yvdZLubN-2RjuwP5dCogAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop
CDG50-P4
age
90208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
k3sYjJzBCdhkQdaF8VSHiz0Ctlb57wBamUnrIUctQbyllSZbUXw8Ew==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZLubN-2RjuwP5dCogAc&cbFunctionName=goog_wrapCb_5yvdZLubN-2RjuwP5dCogAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 329E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441723
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
QPY60MwpqMCYNRMCs83FuKbFRn6_R0w1Ob6XfEm_g6HngBqu8P9nJQ==
truncated
/ Frame 5F67 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ad11da166d2401cb123998655ee0f641c3396d3db138ad3e9afcb74d5580d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FB3B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd969f80b7a244e0523f51a2766336c863b48315898918b6a9ec041cd7b19da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5C1B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
078bf76b96857d35c659ff64a1b6038f6a350e5f05eca8cfd8d1d776d437b22e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 088D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18677
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
4.js
static.adsafeprotected.com/ Frame 1642
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalizatio...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5ivdZPWLOqqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5ivdZPWLOqqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5ivdZPWLOqqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5ivdZPWLOqqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop
CDG50-P4
age
90209
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
p4qItZrv0k-hSY0Imo4SJDpPApDpA7XBSRBP02j4upJfZnADoI6NlA==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
nginx
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5ivdZPWLOqqRjuwP2ruE4AM&cbFunctionName=goog_wrapCb_5ivdZPWLOqqRjuwP2ruE4AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 067E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441723
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
MpS1oRIowIT8ElgKFBcpGJskl5lLkKbYh9P2EKJV7_3Jqagn8UxY4w==
4.js
static.adsafeprotected.com/ Frame 9576
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalizatio...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZOGECM2QjuwPufqqqAk&cbFunctionName=goog_wrapCb_5yvdZOGECM2QjuwPufqqqAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZOGECM2QjuwPufqqqAk&cbFunctionName=goog_wrapCb_5yvdZOGECM2QjuwPufqqqAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop
CDG50-P4
age
90209
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
rpgGy33hOHYJ-s1YuoxaD7ilOHlqpf4t03YwQvjUmGDj1X9MiPlesA==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5yvdZOGECM2QjuwPufqqqAk&cbFunctionName=goog_wrapCb_5yvdZOGECM2QjuwPufqqqAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9646 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441723
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
SCqhMZAYbBxTtFRrfTY8FqX28t1jYSDw08K8YZ9TxkjxiGF-WNC2qQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame AE12 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyekXdXrXgR86CH-JC8ibmr1v3Gy-LXUGdPdMs8yHy7hj6vMnBrJ-PlaXn9nH2ztoLGlVI6Uum8Kp-WeU3gzqFrAKcE8GVXrk6djC6z26DrtbdTqwt&sig=Cg0ArKJSzCO2BTUGJF-2EAE&id=lidar2&mcvt=1640&p=1110,67,1200,795&mtos=1640,1640,1640,1640,1640&tos=1640,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3516126248&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216293543&rpt=4509&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 743C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F5AE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:04:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:59 GMT
expires
Wed, 16 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1050269
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4CD2 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 16 Aug 2023 20:04:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
D36Y95NHR8KW2AP506BE
Pug
image2.pubmatic.com/AdServer/ Frame 7604
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:04:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 16 Aug 2023 20:04:59 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B97E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NmaT27ubQceMj11sTQIb-g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-96-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=146937
accept-ranges
bytes
content-length
5606
expires
Fri, 18 Aug 2023 12:53:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame B97E 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.140.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-140-18.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.17.61
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame B97E
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=414175253
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
via
1.1 google
last-modified
Wed, 16 Aug 2023 20:05:01 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
date
Wed, 16 Aug 2023 20:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame B97E
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Zzg2UGFFbEt3N2JTMnVMZ2MyOFcxYURYUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8117099621253661539&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Server
52.7.131.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-131-84.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame B97E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzY2NjkzREItQkI5Qi00MUM3LThDOEYtNUQ2QzREMDIxQkZB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B97E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:04:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEE7jq8i2-u87OzW_hqiUjfc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B97E 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 15 Aug 2023 20:04:59 GMT
generic
match.adsrvr.org/track/cmf/ Frame B97E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame B97E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8117099621253661539
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8117099621253661539
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8117099621253661539
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B97E 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/366693DB-BB9B-41C7-8C8F-5D6C4D021BFA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame B97E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D7F7 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
encwumjulb0v
hal9000.redintelligence.net/zone/ Frame D7F7 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/encwumjulb0v?subid=&gdpr=&gdpr_consent=&rnd=1692216292606939&extVar[]=DV360_SSP:8&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWw2z5CvdZNuFJdDW-gbKp4SwB5umgKJp1ZLqi84P9i4QASC6vvAWYJUCyAEJqQICg-nEjkOyPqgDAcgDmwSqBMMBT9CnO_yTGHhz8GICynbh4ofdkqhQZG3m1S5xlTu0vBos3sNVyxLQ0P9srue6NSZ1AMKvH8nIaDmQ82tyZkcTVuOFDk_8wi5fb67tqw5kG-gqFSOi998utUZ7Tgv2TiHNQ0XR_Wa_2djsT0Lwf5RytZHBVZ4EpSZ5mcZ6z-yhhjj6p5p6i8baQNgZk-PX5RWTbJg7ei0qmomKhpjfl6ju_hMmwLGx_Dzvp7osmttaqCrA5EaP83vofdEPw-OED0-x28GpwATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXzICqgI6AoBASL39wTryCA1iaWRkZXItNDEwMDAwgAoEmAsByAsBgAwBqg0CREXIDQGwE7OgqxTQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI24eE-PzhgAMVUKveCh3KEwF2EAEYASAAEgKFPPD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWtbJZ4ANbBbsP5-7KRXsGiTRqQkcFb0DywLCaTq3YFK3bJwBg1pFCyUqBdCKZGAE%26sig%3DAOD64_0R_NxloLXdIB0_8SWy6R4rntfzQg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-Ag0I44wGqmmHH78G0uHlYry0-R6jbMSD2ITQICxITCJJjwuqilNlPbvofkstUP9wu70p-NDE_6vOfTeYLVmc3LscpBe4J2YY8F6Qi6tzqqNKOy6dv1_89pfLoI0NM3DbG6dEUhSVLVCBJsCCZSgpoDEyvrYE3BEPTm3K05cvgNDWIcL4Q%26cry%3D1%26dbm_d%3DAKAmf-BUwXvFlXdGoyf1VWMMmJPF3Mqy-crjTSvKO9wgxSfKm0aGZMA4uaw9d1yWTq-hvzqh-p2GYfrF9LY5cRcwhandqWMXNdWPDNgJZURBOq4xL3hUMcmXvWiJgXuntxYdPNklZ0lSUpqDPw7cw4Nza3IlaR5fo34dQFTKKFIfg08YZEgpdl2yXA1wNRBBqFXO6lXmHujsemb0W2Pucz7eV1UkDmCpwMBgQSsIqNg3ruwzeqfmVuTWUuzX7vRgzpC1fCKuFB1euS2xciOFOmtKnmHwLLQZrzzFrJhsJGuB1Mnx6Q4r_8zi-6anOuZ3WpkEcgO-iEBt_lCIQdUtj2tKxm2il7FsjlX0oB7JujcV46rGDRXrWPeMD_6mSOxOPPunA_8cpK13Ryy9BesnezYgQcyCPIP8we6TE_wf5IvVEk-H_5PIl4F-yF7q5_WKzRdmkeUDKt4fY3fuJzflWzuSI4BXrhqdj4piW6Gd93386GHetbJi2HdX0lLSib2QjF0NDISsr3Q7w5ZOujDh7nxwEDGfQFgFCo23RelBKZWUbNizxMZzKGtafQW-P0F8QxoQAOd9HfRJ1nt2Q4KeI73VYzRGaFlwTw%26adurl%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
19a4179d54d28407e31fb70ce1d039bdbfabf4b8bbe97630c64054168a2bdb46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:04:59 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4161
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3AAB 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
271381e4fe734f81f1bd4750cd6d46a71804467e0def7532cbfb53d49119313b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50787
x-xss-protection
0
server
cafe
etag
1887213822489493239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
truncated
/ Frame 3AAB 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a00f46abc041c92fdaaf83bf733f3118ab7e54cd82f37ec6b5f143817fd825c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9601 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7238e6a8468f2741a3e82bcdf25b754c9d701748e3967bdc873d820380d84202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50798
x-xss-protection
0
server
cafe
etag
5300313746338014431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
truncated
/ Frame 9601 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f082eec0e7a7556e724b3b7457ead574a374ca2d5544bdb51ffd90453924a380

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		38 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4177e19de13c8f8989ae5ae74adbebace694d270768f7f11be47bb8fb4ed0f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYGsRduPwt%2FBEFcvlOa5NeGfloy8T6G%2FNY8D4I8KjhoYpj00gsfq8zsjbDkrxj4I4Z%2F4W6x7zh0%2FwxE93Pyrb1RtH75KMhfJvImp2kIjb5kTadGIA2EG96jF5Y384N1kVH5dp9ck"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c4a220d5337d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-3%22%2C%22callback_id%22%3A%22203aa2c249723467%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250d_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216299840&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250d_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=205a3aa95c51e241&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250d_desktop&slots=1&rand=0.06425316439111461
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
05592ec5a00cbcb8891bf1359000261bd198a8fcb18a2dc6ffabce566a219184

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame E114 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f9d1178e10a9f1ce85288d9666f171d1536ef45cc1ec42dd46f4fe59018e74b2

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:59 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ Frame E114 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
117
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame E114 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22211701fcabddd7f1%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=8ea08408-2f48-45d9-815a-cd0114b4b2cc&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
21a2d2a1e489bd9043fe4d6224a5003b4476aa9887bffbb4317c2316e80f756d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9865 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1642 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
index.html
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 9EBB 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392056
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22859
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:10:43 GMT
expires
Sun, 11 Aug 2024 07:10:43 GMT
last-modified
Wed, 09 Feb 2022 10:31:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1642 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHO6JHXSaroezTIvuTjfVG3zBmhG6bdmvKDI3phRgUj2cOgDdX3mxNgFLlAoDJeO9cyQVNRS87uwsmDa_V_w70RsCR_a4pwdVP-wV39oy36pnD0QXNuCyM5xlHgj0XfRlj9txyY5MpnTr9z8Xrdbd64fBWpTuSl2RCypN9vsOiBw-4aZ09xFTboPKIog3vOH0UiV2inD5-nnhNUG994BSk1f_uWmcOKWSS8FDZiUj9b18GTDk_GnRYuKgULAQPa6F90XNVQgQeuSlslz8fX0Au2nkOhm5d_PVO61lv0Pt6ic_47h54AgAg9OFSlaYDLAhxjAyafmVGcjqxfgefdrtrHFC9mTM0VpPTRY0uWvXuIIv-gDnCmxCHR0mxrppG_x9wDR3YNHGWfAy1qlA4pJYrPCrZwqL1h1xSfc0CyhpAogt7v3u3dxzNEQAhT_jTsP1x3HSoIbTqGvJEEuuO87QOSocpWzj8U6n7wNIAJACpxhbk15O_pQmzyPCZ5pm1wKZrl7HHdwm5Kz_KH6jI_eTTH2V7XHEH9B7UcbPwupgTTkugm3DGFfM9oltIrVYrnFGVPmqTXa_tv8c5hBQM9RbFHsPP3UDkxsWOFLjYnh_y63YCC_k9mDwXiw-oG7xGPgveFfKQIcHKQW3oBMM1QvpLdOm94wFutPcoxO_WfAHBRM9vLp79jaUGbx2tbeYAsSUZCBdWKw1FXA5mgE2RtNUGNI36l55IQRvBuwTZFrk0I8k9hO8mFa7TRDKDbdZvwjDaX2Cuc7DiDZAhx1Ij0Gr1EAw6SypWdFp46UI0dWBqt-LVGXsWGisPVLpr2mbTze1Y0raC_MnswZ46X50aHXpd1ZinnmR9Lmo8rK0Cbse9iJYYNNO98n1HJWj0MLR58VnRNWs-XkfWBkXtrK9XKMwBWfOtAnCny03dOUOeyPB5JwFySi4IMA9W3dWo3VABXSo9WvlforOeW_N_HYsCGx7s3h5Rtq3wrHAe_ipjCwSHkUnQUYDCOMR3eH3aMEFbn7DdTijL4tf6QSLym_N7YEHRdsQh2NftpKWoGqath0MT6fGRoNO6ivznM_thXd4N_JjUzhKn1ygA5H485ILuZMorUnAExYIxRCIqvKBMba40WCaCdEYP3Grd61wRSJkTuDolAbL_IQ5TQ1qwmfYjdeTLL6hKCB-k8FrRM1JdqGk_zyX1MIitfNhdbwlnV_80gKIa4yYqv87OkzSpmjRn88-boS9p8Hl97dA2SK7p2hPLIjrCA1-R09SELBEYz1oG&sai=AMfl-YSwgXIoSnX_mwj_E7hZyZJK7tWUlCU94x3FYNdmRoS66R_Tvv431cWFxOQwbhDjJ4_lYUOu638bEuKoVUbzOMmeF_HjmTLEo7IlPT_LC6XHK1A2eu3pMOIQYZaQr2mKxDrU2iEuWv496uV-e7P4GaIdPlcLO69CrESaPKdb-97wE2wPS-2emZn4hBRGirakcZUWll4s4vCWdH75qcE2XEVhK7C3iHUr98WXmAwxwu8LwuQkHCUFjJm2V8A&sig=Cg0ArKJSzAihonw5QzDGEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3708&cbvp=1&cstd=3694&cisv=r20230815.70725&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:04:59 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A54C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9576 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
index.html
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 54ED 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392056
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22859
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:10:43 GMT
expires
Sun, 11 Aug 2024 07:10:43 GMT
last-modified
Wed, 09 Feb 2022 10:31:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9576 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcsLOMe1pODzwX6Vj8Uie0rd6JmKVMgqW4h5KSXD1f6zlILNgr8qRJKN8Sz30YXLBPW9M1hctjnez8rCpZJEbtz6HiaQ8s-_XhvYRH0RJdoa3DlgEDAYYCIpxUjSjlKryw0ZjBL8EWRL_JJ7LWIgibNNEKxN6Yhyy3ne5uEx8T1X0EKq7vfs1I4qBnY_Sdpbmw6dy6LkuJ4bz84o7r4xXRAB5Lw6xjH1gr_uDPEHkqjMQdeOuPiARwjdRQA8F8qdGUU_orkoZKZr1tEnR1Kmd-A5-w6_LO9XVTqShip-GH9z_HkEuWqjlhuE3RmUyfBbYfjb4NWvrX2MKFz5BmYggxI-flvN5JPZ3r_DfVrak-3dQQLi7A4wvxt09eZvYAmZN1CEH1rZT0trGD0evDrLqtr_i8ILfYl1Zq0TnNrjqvFir85rEBwBOP0pSko9d5tHjXBl6Smvizzn0amdKrTPEmt0Y64SX-6ejbgL3BA-Fn0Sk2hfLXKL8RtWVRu2M6TLEti4OcYwXykda84c8lo293hBI1SKCaAZY3bqdNzC4p7jVLvwtvOsBehWIGw62TYH-2Eg0LCVISieI6OEb_A_8byAYySkOOh1-TGnUhD2rERpPgGEZyW-YRouF6ts0OCbQdkML1tILzT9CPRAn7p4E2eYwKlTNfBx7fYfhVb83hjLbTsqcZax7_UQHY5FpYLKSdKztzD7rKPgVuWQNGwPAcOG_UJKKzdANo440HDDmWkmJmeMnQd4ihEmowVhAIauxuRFwRXWeT5zxYApbITq57gXs_vjzPkMpD5P2jByuwx3r6jY5e1yThEaUNTqfbc10oTSonHlhz7aVxssa_0KlSHvHT4Y0yIHtFIYu64nKQTukdRBHavR3hGAKt66-H4B2qsGk6Yhe0iItR3eV6XSfZraO7YZJydXv_neXgLQSUzY-3rVT4lVoYzXDo1Rbc7OmlbbvHsacz7qZt1s_fRCWgn1JFnSTVASzLxUolyCltxNju6wGPjzikYHn9fLUqeOw0kOmU1ekn36lJ68oUL2RViRrJZbONmSMbdBOepDIO2I5nQtXbaxh_NYaoxkX1J2Hakb31O0b4VjCtyYGVk2hAWzdvyp6wPz6bTC_BIMoXUrlQki2pYhx0pisrlOh3JdvMRuAGAEDF8ufQapNDQpAeAKO55gSTkywXRCTbD_GSX2NdRzUd_5E851sXOz7iqlCgS3u7Qa0Tsda5i1NUHkn1MZg1x4_g6da_fnsd9tWgJ3tCHJjAgp0TO-1F16cCR-Q&sai=AMfl-YRYzdTedRS4AR6oHA2EQfPhnHoj6uw2Rn-9n1Hkp0p_GCrWopxsUVpVUxMn_NZyKLnt2e-zjKqYSm7aN0DumukFsl_-FqSuAnTjq96_6XCpFtP69ayPgg1i9HGPYzEqFjRACr5ZaaUVFqgT5Aa6bmKkGvFedq63cWFcj4dNT2ciAwJEIQtmpjRTSxR1xfVR-Cggy9Gdgoc6S-xRuJbboyLNhDx8yt96ZSQhVFuRVdD2EeFu23Z_i4cAUsI&sig=Cg0ArKJSzOlmXHPwyKKaEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3536&cbvp=1&cstd=3524&cisv=r20230815.25801&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:04:59 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:04:59 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:04:59 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		38 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d5f4998823d359eac8d82d92eae65868c296d5856424c9da3635e2fed18d93b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3uAmf%2FxEBMgelNbfQO%2BhPGR%2FT99geu%2FU6YIKYqhTkyy9GesHNP5osnMOzxlNkVOzgGs83HR%2Bchs7m3bgCv3bEgW5YRAKR0y%2F%2FItTAPFZtkn3F2U5sCJXS%2B8mCMQlSTiUM%2FpQURb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c4a229e2237d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame E114 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
007706b85d6f3739b47c0e9b6819e396021e781bc6e6ccc9ec7b423fc6a91d6d

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:04:59 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
trinity.json
apex.go.sonobi.com/ Frame E114 		730 B
978 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222223e10c1f0957a8%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=7881d452-bf68-498d-86dd-d15287d42ca8&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fe67a308066ebee3455f437382c739ecf843c94e34ec60289a43ecdfa66568c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame E114 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
90
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:04:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-2%22%2C%22callback_id%22%3A%2222893e2297dabea4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250c_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216299934&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:04:59 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250c_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=230d9729f986a607&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250c_desktop&slots=1&rand=0.5399812328275531
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e3577c9bf49589af8e9496a56c1be804c9a8af966f520b0cbe5cc35115795817

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 727F 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 727F 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 727F 		0
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 7538 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468129
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rcqe-fl4Y0osQxhqAQoIaYRYPC5Jj1ukAcKRhVk6aiiVIFHeswqmTg==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7538 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfebc705eb5bb42ed64dae5416a2b47001214d6c92747d9d9b9f0dd31cf242f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7907
x-xss-protection
0
server
cafe
etag
9232276958852291687
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7538 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 23EE 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a11b5062673e0f612ca0e8585fccfc5d2c4096d4b4e7a254dbc9d8da46cb0f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128225
x-xss-protection
0
server
cafe
etag
8558052975143780110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
request.php
hal900010.redintelligence.net/ Frame AE12
Redirect Chain
  • https://hal900010.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=8a1dd8d910&subid=&uid=014ad6536ebee77a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900010.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=8a1dd8d910&subid=&uid=014ad6536ebee77a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=8a1dd8d910&subid=&uid=014ad6536ebee77a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQZtU5CvdZKmWB8iT7_UPiZaOwAqbpoCiadWS6ovOD_YuEAEgur7wFmCVAsgBCakCrCUca3BKsj6oAwHIA5sEqgTDAU_QIUF6N0Mjnd8Ly0f-gNgc_myHRSaMc0zKfy7w4sb9mmCQPrgy8r9OsAmae3tUaPF82h9dr2gmhAT_hIrLBusaYd_Xt3kPriwhdUyiax8QDNxMQjtGCnz6Bv-C0bPGE569SWSWxnFxpCcl4qzfT_5VcWJ97UMtzn3Pks5CEunknP6m5aCsO5cabdQ-JvhJEG27WbvdGpTbFxO7FQdffI_xP2MsN9rKGcPYismOc-rfah1LVQgEPYX1WeODREn2jQbJlcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggNYmlkZGVyLTQxMDAwMIAKBJgLAcgLAYAMAaoNAkRFyA0BsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIqZjm9_zhgAMVyMm7CB0JiwOoEAEYASAAEgI8QfD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWyopr83fjus9qhaN2ejge9QTxBybjKRyHa7O-ZzHW8SyZjuVFqPk0RWZsGZW_GAE%26sig%3DAOD64_0nRO51qTqFRP5CrUrq8jnJ6DAUDg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-A-0ujpRoZX5bBw7PPRdNmVrYW1MpaBo9IfGnAqTHqEWpwjVO0Zhd6e2KVomB5rD5SDI9yROG3uy6TvwXirHjPctxvVEfZtLn5FA9rf9UK3tDkuz0owLlQPrkxlrsEAXeeN62nSPSIL20XOy-5tc9zXVKLwVBR4BllP4y4--UBDQNp4T0Y%26cry%3D1%26dbm_d%3DAKAmf-AcM2dKlEehrXB5pSKXWcOZlxsqdg-p5danWKlXEY4ZTwmKpHQqwGnhGXFV1tFkZWkpQ0Rucjp0OusUcK6XH8orxIgOv5U3GOZW4MhljSny1uJJE4K42MuJ0HFP_t5HSMQZA5DzM6Iow6X6P0jnR1Abuqo6SZD6KQ0z62jlqH8pFbDTptxtqbh81BtDnfPrsAWXDqQxkjtdLtLAAq2RMSOA34BaR48aTXET8xIgXPmUcMQi4GsqDaUPov13D__8FqVLZ3-UB-PlAmrP4p7j17rADPJoA6MDHXi6BtLThA3tddlMgTzWJ1ANiy6NH09xaeuagSVyDD9y3Lr8M1bWmoNFLTCojfehrSov0WBgRH3xxvrY1lI9hnDRwyM619-vlCw-7sWkcJTysOgZyMGL2kgScqXGWMkVoLKPfeWGL_TQm7T7Gr_fkQJykktCgH0-mDDzRH7KN6Wqt7WfPONzlImHVPv_vSP9iRZzOMqwBItzhI8FQAcTqkmaB3knRrdUUqDaclFvXoQ0ijPT9IW8KOJvO-NURLyU6oCBtcyxMgJxxgd7PRKNgz-epG_d_wmtVzsClDRgUaaBGJzf4I733eEGYrlpYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ancestorOrigins=https%3A%2F%2Fwww.idrlabs.com%2Chttps%3A%2F%2Fwww.idrlabs.com&random=5536673497196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9806ee098a508eb633003658872bf9e0bcfe19b9ad7cae49773be48506321116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:00 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
64536700147702304444640012418010
Connection
close
Content-Length
904
Expires
Wed, 16 Aug 2023 21:05:00 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:00 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=8a1dd8d910&subid=&uid=014ad6536ebee77a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQZtU5CvdZKmWB8iT7_UPiZaOwAqbpoCiadWS6ovOD_YuEAEgur7wFmCVAsgBCakCrCUca3BKsj6oAwHIA5sEqgTDAU_QIUF6N0Mjnd8Ly0f-gNgc_myHRSaMc0zKfy7w4sb9mmCQPrgy8r9OsAmae3tUaPF82h9dr2gmhAT_hIrLBusaYd_Xt3kPriwhdUyiax8QDNxMQjtGCnz6Bv-C0bPGE569SWSWxnFxpCcl4qzfT_5VcWJ97UMtzn3Pks5CEunknP6m5aCsO5cabdQ-JvhJEG27WbvdGpTbFxO7FQdffI_xP2MsN9rKGcPYismOc-rfah1LVQgEPYX1WeODREn2jQbJlcAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggNYmlkZGVyLTQxMDAwMIAKBJgLAcgLAYAMAaoNAkRFyA0BsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIqZjm9_zhgAMVyMm7CB0JiwOoEAEYASAAEgI8QfD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWyopr83fjus9qhaN2ejge9QTxBybjKRyHa7O-ZzHW8SyZjuVFqPk0RWZsGZW_GAE%26sig%3DAOD64_0nRO51qTqFRP5CrUrq8jnJ6DAUDg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-A-0ujpRoZX5bBw7PPRdNmVrYW1MpaBo9IfGnAqTHqEWpwjVO0Zhd6e2KVomB5rD5SDI9yROG3uy6TvwXirHjPctxvVEfZtLn5FA9rf9UK3tDkuz0owLlQPrkxlrsEAXeeN62nSPSIL20XOy-5tc9zXVKLwVBR4BllP4y4--UBDQNp4T0Y%26cry%3D1%26dbm_d%3DAKAmf-AcM2dKlEehrXB5pSKXWcOZlxsqdg-p5danWKlXEY4ZTwmKpHQqwGnhGXFV1tFkZWkpQ0Rucjp0OusUcK6XH8orxIgOv5U3GOZW4MhljSny1uJJE4K42MuJ0HFP_t5HSMQZA5DzM6Iow6X6P0jnR1Abuqo6SZD6KQ0z62jlqH8pFbDTptxtqbh81BtDnfPrsAWXDqQxkjtdLtLAAq2RMSOA34BaR48aTXET8xIgXPmUcMQi4GsqDaUPov13D__8FqVLZ3-UB-PlAmrP4p7j17rADPJoA6MDHXi6BtLThA3tddlMgTzWJ1ANiy6NH09xaeuagSVyDD9y3Lr8M1bWmoNFLTCojfehrSov0WBgRH3xxvrY1lI9hnDRwyM619-vlCw-7sWkcJTysOgZyMGL2kgScqXGWMkVoLKPfeWGL_TQm7T7Gr_fkQJykktCgH0-mDDzRH7KN6Wqt7WfPONzlImHVPv_vSP9iRZzOMqwBItzhI8FQAcTqkmaB3knRrdUUqDaclFvXoQ0ijPT9IW8KOJvO-NURLyU6oCBtcyxMgJxxgd7PRKNgz-epG_d_wmtVzsClDRgUaaBGJzf4I733eEGYrlpYw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ancestorOrigins=https%3A%2F%2Fwww.idrlabs.com%2Chttps%3A%2F%2Fwww.idrlabs.com&random=5536673497196&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 16 Aug 2023 21:05:00 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9D6E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D7F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoyoQLb170waIpVmnVGGj9X7WoIygIqs_2NN8SkyC0Ja-kurGpXtEaRpklLw6olcIF3Uaz2TUuXNIlkmS6FXI9YnxxEOLvmEjlexuQJV3_UvKG_OosdOPWq74zuaZK06wFY9dDcjM3WODXiKl9A9gndj5y2hqOpvJaOm-J2ur7rpbHj3qf4fkso3q_pwcfRTNo1wMOP2y33JJN2_3B1QoJi2zrJo7H8LGnEYIoDnTV5-BEjo06T4v8kUFQ_H31y0irtPUobBvB4uu5SU1j52gLsk5W1Rfl5ZR3bRhucwJG0JPUv37Ba2XIznAF7drI0FlV2KwPbdg_0Vw_uAG3Hshv-Pw&sai=AMfl-YSbT0Lst59excjIfZBqGxm6jIfIQlRqI98EKr53Qv7jlIBgSkT62ivIrKFD0qb_WOLP198t-ojh8RGOh3xrgfZGPwQV5P6JhPNi6fBftIrowyKQZXvrvXwkznOsfE0&sig=Cg0ArKJSzGvEClXApT8bEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10F2 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
index.html
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 77A1 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392057
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22859
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:10:43 GMT
expires
Sun, 11 Aug 2024 07:10:43 GMT
last-modified
Wed, 09 Feb 2022 10:31:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 10F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNQJPKc3Wx8auXrjhFgzGyrNA36P8l73Tu47Ummc_r3joyYTFz6Ii4kTYEHzc7eDAExWC8ybIBpgY3XXtBWIE-ILontNP11Tjj_SyFo3LLnl3T9OGaeA9v5hhCzOj4FAZWThS_dtvDGgVVNl5xUYZQ4qxgR4of5hvk0cxpHL2l2cEEcWgmVeA-gggY6mHofpixtWEHqeudlldH1WCiCHjrzuWSeBZW9eVUJj0pOJAH7aWxlAuXmcjF0mA7FwQ_-q-wtJEctxO2YhKqvmQbNt-So5jvuMUKd63ZAX8Pzj1bRLV16I8WApDxRybDKozvinVFdPtYoC2gayCZhCxQQCFCtA5YLSeI_AXaDzFqNMpSnRXWE0UJqpOruT7RAsbBnDxEL3mRKqgR7fCuf9J9ye7dCVnSKcKnTQsZ_EaWwaAJz7no2LW2QpoThdSADjOitCgAoMV1zGyrzDPQu_a1lJ0rxuaeLkIspuIUiN6Gwm9wTyvz93WPu-9AM1BjehL0NXqB95P6Cd2SNQFesTn9092BzjuFTkoyElYdqRu9gZ5s1M_-8T5xJGKccQGw_krCkWTIfz5thuP4o5c3hUR9LkSO5BRwgeb-j4bzTnu0jmpV88sqbU5qp9Y7cwxgI5d_qKhQhgIjXk6vSKsASJsufhovxUr1I5uDks9c045zCJCzYSY-oXh03PRDjiahv-19WO0JBRdGltIjGWcM4Ntt_CHzVsUwRipEIH9K4LWyWjzz9SXV_H9uGLOsTlea12kdP8cf4l3opreZBEVRKnsy4B8NRlPDl4i8lQXQV4hc4EH63InB8bIc4VNRpNuLYL56XEnIWYSeXVhchnP2VkJnIZTR48u6Vj1CKVu-wYZJ_C5Nobbp2OFoZbEZhXR-tampkScPLQYgW667O5XwVKXsV4Xp4DRsmBR0n-KuoBI0KfMtg-d2vQ6jNCE-m2EFFhvp--E_DDMUCNSIR1xjVFO2dTiXU6m_zhahG7A_o1lRo02LaMJxq3rpdR7-mfvK1dSscOVa4z2d3ek_ZtrwFj5DWkTPIcAlFBveyWeaPeVZn3y7MSggIOcY-qx9nXy8-a4XcgY04SZQ2M8ze4HBj8av41-UTrvZirR8LgmQS0Onveh7DwbdzKW2egbL5MG_Qn_uHklzxp1Uz1rC4sc3NEHb2vjw_iTnqqkkLTaKZMSSRBzhb9cxtHrNamMUy7i1E5QqnFX1Ou2CCprXyBg6SKufQ-77tEHT9I12aKUTdDIEaKBCo3Hh_AaOjNqEY4guTilg&sai=AMfl-YThJizJWmBHV-q3PnBzDMl_DPEKmU415PNVgEWQa_jji5PjDqZr3uUwl3XuhxHGJw_xLT--mUXBWx1fanIASzl6MV7w4oUqo-UgQAhMmKAAZ_wSLdaqgbjj2H1XOTdTscLxCLQbqq8_FbZEk8IziXWVs5aRTea6lFN4MAoC_iEPyN0OT_ZZ-RlZQwvfBDO7Jul-P8ZUhs565O76QKQZqVgXe9xJjrZJ_S7tWmTCC0Nz8PsneX01iWlZDw4&sig=Cg0ArKJSzBDBmDkstRMLEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3190&cbvp=1&cstd=3182&cisv=r20230815.63166&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c72c1798-7894-bc5a-cbb1-25f85dc8c3c8&tv=%7Bc:lurMjG,pingTime:-2,time:871,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6296,beZ:6297,mfA:6299,cmA:6300,inA:6301,inZ:6305,prA:6305,prZ:6326,si:6333,poA:6343,poZ:6369,cmZ:6369,mfZ:6369,loA:6775,loZ:6778,ltA:7166,ltZ:7166%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:36%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:871,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B865~0%5D,as:%5B865~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7*.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b7*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:37,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:823,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 5F67 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a11b5062673e0f612ca0e8585fccfc5d2c4096d4b4e7a254dbc9d8da46cb0f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128225
x-xss-protection
0
server
cafe
etag
8558052975143780110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
4.js
static.adsafeprotected.com/ Frame 498E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalizatio...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6SvdZNTQFfKcjuwP_-Cd0Aw&cbFunctionName=goog_wrapCb_6SvdZNTQFfKcjuwP_-Cd0Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6SvdZNTQFfKcjuwP_-Cd0Aw&cbFunctionName=goog_wrapCb_6SvdZNTQFfKcjuwP_-Cd0Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop
CDG50-P4
age
90209
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
ZmAMezo_TfC1DsDWP8VwzzJliX3oF5IDBSMrziiZ1mAHZ5wS0dssYg==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6SvdZNTQFfKcjuwP_-Cd0Aw&cbFunctionName=goog_wrapCb_6SvdZNTQFfKcjuwP_-Cd0Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 96BF 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441724
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
xZTsh2AaoUJe4WjbNGzb_kygP7-_VtD3RXPhr9mlIuXRxQlQ0RFiOw==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BAD3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48B5 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
index.html
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 26C7 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392057
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22859
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:10:43 GMT
expires
Sun, 11 Aug 2024 07:10:43 GMT
last-modified
Wed, 09 Feb 2022 10:31:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 48B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMA54aj64aoKuGeSlfMFztNowwIq4zUmvUx98FZRKzZ4STQ6GNOcKk64LRvTJ3iFutWIGU6KY3EWN0qxuMOJ0Np459p2HrMyLX4PfgXwVWXjoZmPJyR_NvjBznFw3Ej6c2V2sSEDKHeNJ2dHMC-zGu6no4h7Jf5j4i5rSkev8H8fYzqisl2LgrlvjV3FZBFe-nldqxBfPxR9bHjFLTBuSgZmSLV5XA4imEtIcq61Mt7RVYUUYQxEe_E_bLHI4V1ThxHgEKucJDD9tF2YEs7esFy0WIFzIw8DpbsGrdrnYVDzRPQRtC1gf3HW4Dsf2eRtXMaBVr8XDnlu8earZr9xSV37r2r6ZMoTzWI7IjVJFjSnFVtuetxD89ZniziqctnVM06ilx_JXu3FE_2TbvXAz6bKZCDfcwTiiewA5odGD6ep631XBPDF6O0VtCbvFNdm7p8J8QeHjmOPZARq9eIcfi4jbFCRug8wgy_WDHd4AxG-r3C2zfwkTRyYBMrzLDLbjO_-ZC-D8Ib312qHJhSI8OxW2XeTtihEVVeDEgdwZQdGqtrBqhAa5jLkc_vNnq8tqwcLvN54L9SN-xyfUbZ3k3o83WtTHTcnOh6UfkEU2ARcOW86f_Xih9qNwmDkQUKqGxBLA2RbSN4iISE3Qz89eb8WDW3CgNuJY4Ir1GQ2hbYUrz9U04drg4072P21EnMvuIzJhSIXf-wqmq9zQ3wRxxecx8wbh6WSVKVUTpRVe4nM45H0Otn_S0l5X_O_HjUHjslXrB1sxFX1NazSqB2ExuQzZs-Jo-4_C8svBXLpU7MtIMdNG9pPONV8jWHPmZqFu0IGP8sycl8yRCxWE6vqro9YYAyn8Df3xlRA7vkq6ShfFaTsgA-tYNbfWfejOkDvtxkXF_gMkHy-diizig9B7rfTNkcaEXbBsKU8W4zL9s-1jF6q7AwDDGWEE3Iuuz0AsWKnTvaj8glt5Xm_lKWWDrCyiFnc9XGWMm9ozLGpgxrwpllOmJkHbHE8RT4lDvgaYhzneV3wTSaEKPIsX4T54y6Ks2uLoK4KLly1ba5SaxDOylLeh1WNcQWmQerh8s-xQfNxwTj9iETWK4nYgQC6LiQUBoyHSK2aiQNjfVBeSehijs-mDACzRfdNMIGk7gtHFnX_BRC1U0JPYNj_QUoZKfRIoC9oXQb7Lne31FUljSQorSFvB8PaMb-CL0JW0p0EJsoVrnnRBOdKIA9NrFfx3RDB5BG1kJeyw20y9xMa1-meYYLIHtJySwPoWNFLYu&sai=AMfl-YR44_xCOd1a534ubdgVwcpbxkD12y8-G2QNrWQVkV5XcvYRYo4iRYlrYP5uS9cy8dAbGRYXUAUdHF1UBzVKSrHPfX4Fm1gVnIoFyI1Qa4QXcEChb9r18yg54Sjil3mtFjKKKpvayA1kLe0AE_A20dAj-cf-Tm9ra_0Oy5WyrUoDBsGrc5AvQ75sw2lBKncZ93df21Va7bHyF-B5nJ4-O28zuRKu9QPciF_q2t-2WaMKcPo9X1DU3a2zEEg&sig=Cg0ArKJSzHmFSH3IvURDEAE&uach_m=[UACH]&pr=8:CC217B09F7FE049F&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2743&cbvp=1&cstd=2734&cisv=r20230815.67101&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=27e42e3b-393f-932a-e90f-01b28cd34846&tv=%7Bc:lurMmO,pingTime:-2,time:884,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6155,beZ:6156,mfA:6158,cmA:6159,inA:6159,inZ:6163,prA:6163,prZ:6173,si:6179,poA:6188,poZ:6212,cmZ:6212,mfZ:6212,loA:6520,loZ:6523,ltA:7038,ltZ:7038%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:877%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:884,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B878~0%5D,as:%5B871~0.0,7~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8*.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b8*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:25,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:849,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 5982 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 9EBB 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:02:56 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame FB3B 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cea3cddfaa3d16d796a49f25265686e15cf192d65d5a7df799d096532fda81cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128222
x-xss-protection
0
server
cafe
etag
18393815542245159745
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 5C1B 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31077066
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d8619ec696f207d8d6885b71f4539d2d764e2d4911b1c8917f32fa8d24d7548
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128232
x-xss-protection
0
server
cafe
etag
4041193233333012505
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 54ED 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:02:56 GMT
4.js
static.adsafeprotected.com/ Frame 705F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=24022&ias_chanId=8&ias_placementId=20338659522&bidurl=https://www.idrlabs.com/depersonalizatio...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6CvdZL29DrODjuwPgJ6rwAc&cbFunctionName=goog_wrapCb_6CvdZL29DrODjuwPgJ6rwAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6CvdZL29DrODjuwPgJ6rwAc&cbFunctionName=goog_wrapCb_6CvdZL29DrODjuwPgJ6rwAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop
CDG50-P4
age
90209
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
-_VGkVaWlIBqnkmLC1Qo_BLnaKQaVa0SAbhDp9qnoTKJUdFkuPMQdw==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_6CvdZL29DrODjuwPgJ6rwAc&cbFunctionName=goog_wrapCb_6CvdZL29DrODjuwPgJ6rwAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame DA85 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441724
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
MSQSY3r3GGpbJAzqUsSl6DPdZIxD5Z_BcsrQpB5d_RIn9wrPxkpQCA==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=24c0530a-3aa6-404c-6755-872af1c21117&tv=%7Bc:lurMpy,pingTime:-2,time:913,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6958,beZ:6959,mfA:6961,cmA:6962,inA:6962,inZ:6966,prA:6966,prZ:6975,si:6980,poA:6986,poZ:7008,cmZ:7008,mfZ:7008,loA:7308,loZ:7310,ltA:7870,ltZ:7870%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:21%7D,%7Br:r,w:728,h:90,t:346%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:913,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B908~0%5D,as:%5B341~0.0,567~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3*.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b3*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:22,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:884,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=318492c9-d150-05ca-e530-6649e0e075f2&tv=%7Bc:lurMpA,pingTime:-2,time:865,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6713,beZ:6714,mfA:6717,cmA:6718,inA:6718,inZ:6723,prA:6724,prZ:6734,si:6739,poA:6752,poZ:6771,cmZ:6771,mfZ:6771,loA:7021,loZ:7023,ltA:7578,ltZ:7578%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:728,h:90,t:304%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:866,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B859~0%5D,as:%5B297~0.0,562~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b41%7C1b5%7C1b6*.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba1%7C1ba2%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b6*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:26,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:826,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame E374 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49133875&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3706cb46cc4a1f086d9c2a5dc16e37dd0d459afb83c51788d1182e3e01e260e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 20:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 498E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsso3PsRO2bE-95DGlmI9POMKZw_C71Qukpc1Pyla6ziQmyOTIHjMcw9GtfIiqCFv5XgxjTbsQ8i7cv3QU-KikCSYdcxYqmvgZpbAnRwvbUeWfYOC2KJ&sig=Cg0ArKJSzIyQm5Svc0IDEAE&id=lidar2&mcvt=1527&p=1110,67,1200,795&mtos=1527,1527,1527,1527,1527&tos=1527,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2059224439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216294214&rpt=4787&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 1121 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 1121 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqo-eyP6MsD6EuxiUnjBs0kP2qD6KUorL0bwI0e29QtNS0i8zbSmOdbmntsrJAB87a2R8QbELVXOrNiQnJ0CBfsdtUgsUAePw0kNZhWrudUzquENvsKdBlLwFiGBQ2duyCxqSx59ehpF82u9slgH73Wj_AopLKCMjqxkOqDCoZKlM1H_h4MaXwhMi2EgL7ONyqntFFamHQvTLt2JhXhHWnHvGjI029LhgyllGQ3nzSO4_Jw6B4nR3ZtONDoZKWoKndAckeumgnZtq_hBMAi3id1lXP-zQBkhpatT-VhorYqW7IFZlmd12TTscEXH9zsHgdS_e92KqHtKSFOQ8NGy8qennxtYkPixPm9tVil96J3OWiHJzk5osIFXTyxsII593onSo1vP08N7qBLgUOYeduBA_vTI38rzSvUDpw1FgWSUhRtRV_K_UJYnt_jMYgM62jBn9kgy1WbYd_qZM_WApVCy9a9yHyiUU7VE-CoHr0iS1EhxJ9Kb0D88S_-ZKNfy03UlRPTw7ragoFmlt6FahFW9vQeXv9j3aSgPkuC0Ulmw0QeKNDuVYYs4J2Yailsg_roSYFJFwQGgwwgBMtoiRQOgM7NwqC5nLaMHpnuDC4YUWJC4KYCzHdedsrUknL-KqhjnBR-B-HzFqPNGjQLRop6qWcLNFUf8kNYuvherVN83P2VLws3M3NHPEtq_DzJzo24vTeBIr9yyVeK8ZJDOv30rcLgEFYsJvANlHXPwETl9ep6B-2Gjfms0RbIFinoixbQabQ9DzmgTlwI4CVT6CopYIuaHvHF8-SN1071d3c4BnKiqUvB7xEXJlEBwo0FaTYFKcjUK-e8eRXe35XewnbHcM_ZALPEoFY8nwJtfTxFF8QGuyDQbZLJ31hHrHZTHyDOCBcCGS_TR73npGb-COcDEpHtVmw0jppQo_Yhvn6byokt6zev_CgMG0-aDOXu-5skfqXstP5Wnd5u2KTDiQi0jG1WOrlUAjIUxuIf_r8BLComnG-j6z63s6fziC6ka9xR0skSvbkjnNTGsRT2I7K3QH8m80gx6NpR4NyGgfJn7IGf78lP5JrDeTQdhjfYTQnmK9baAY8Cbb4lTEGBBahQLDTG0hl5LEKWkYIxEKVt4hsPogyQmNDvzAhupuf96mc60rdlxOrsHZaXG5JTh0vGhi-2UKK3qtbBa68mu3F5RvXIzAUS8NhiYrBW_NK6AqFpBM5zRXVr-2MbbbyKbvgv-40K4ijAc_MEFR2ap0y189Tu0GNoJO8_56mmVvh73tG7ytd0kgiQkJyJxJF_v_VAI3JYJ2bU_SsHMw&sai=AMfl-YSqqwXW2jv9oU9AQmYxAJu8-jjMOjrTPFu8nquLK7I2_Jq-ZsVDJ_TU2YcrCivDmmCEnjOWKCUV-wVjBmSBkw7a4uTLPtNxHTTP2deMZ_UCkyOp8Tdo6WA7ShBADPJEPIdHaH05VZHcDIN9LlPN4ssDAHbJEhClfnPm5qHYd_7M7dKgwQKfBlozC0OY0HPiowMOjV0Z5vUrzEmkcJc6sQSAini2F--oSktbDmRNCO3zYWISUqRXDUJtwamWAix_gmM_fSM&sig=Cg0ArKJSzC2XnXPgYobLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230815.04764&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1121 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
10380230397576614031
s0.2mdn.net/simgad/ Frame 1121 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/10380230397576614031
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13745cc22a703c6f57dfc8baa8b3d4cd7d0bb10f71f3fa6ae663fdfee8ff98eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 15:28:27 GMT
x-content-type-options
nosniff
age
448593
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52408
x-xss-protection
0
last-modified
Tue, 30 May 2023 12:33:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Aug 2024 15:28:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 1552 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 1552 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1552 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudj_MiOOxac6fbUTsn6sljj_OmN9Z_gRUpmizXzQa0XO3UjErhDEjJIlYr_7SADPvSG81RhCXZ_pjFpbgtyY59pjd5RMxyN5IK6gj26EgkzweucG_xgwjUTQlX4FsGNABOeyNTIGMjndR7G4uCLcncCLex-O36GegRQb7rIZBB77x7UxLUEbY_vIJUwYwHavTNCxZOZPDyAAV7m74aPgIom7RoXa_ZkPjqLthybEh7GQSK4ulyv69BGHus-5eD5_SdrUADZxXpM4NfeNfl90BjLER1zgVIhjlm-zplUoloGePqKhh8WfUcY4E2Qpgki1soC_PU6nLAO1uV7UoZFKohB4NjcirXVJ6kUL5gI-XnLwEOjbwodLFLhv32dw29JAVW5CUD7zEeYa0NEMt3oRpDXaZrndXdQ7bXU67bfYedkdYcV0TKadlDbb_DsQgQc1VEbKAuMJ8JeULSrFpz-PUy_Elv1MusPDzqD5Sb8LZGNA8088lYz9_MPm7ReplYROO096pWh_OQlxL3VdvxcOeKgsgQStCecebuEhXOqUWxQ3uIsTAoJJoRhR2aW_Ex1WxXAs721TLW9FccGwhJM-FSgJW6Wdki0iR2uwpp-uN98JEr02fGD8Qz9yNyYwNjUBeR3ooZDyK_1l7PBYfvq5G0T2Gnxo1Ja8whVEPTlq25jv4Cwp-QTQ1DOs-igVCRKlWyFFh54p-Zy-9Z7JePBNcpLQcVo2JSYnjmX5vBYwf-jUm8vsR5uycXVH2i4ThIyv5WNo9sDm8US68rK37B1rDyj1q3dwECDQchNd87J7p-aZTRHd9oTCpZq5Ltgaj9E5XveNlRl_5VlymqkFRlouNmEBSnVWGhY4m__q75PzaeJrReNsYwlw1KiXQcOUEu7EmHXqkZUy5pigx2145MHsTtsN5EGnC4huarJUnxKxnUjAUcb8aJb9uL4ixE33Kkka10MO9WeOV4lZQ1zyV3Wk4jZEz-yLnQ5VtR9cZLyP3hzmGjV08yoTUlH6JjJN7589ZztvYByUHpeAWjWnBS2nnX1dM95-eREyGE7f-evMXECwylQaJCl_O7F3yIUBbkC9SXnHPI2LBwp_NTxKDsBIlnGUYWtYQ4ajyAbS8uHb3F78OrW3QAEtkEcGiqQTIKh7qs1ZhDI1uiJZ5HNpQz8PHGVP13hNIxwVFoMb7NbXiSJrgzls-Q6OFOapN9McJ6wPX6EyhP00vtdLVSGKm-YxqJtpGI5u0lyAMLdiw4aFFMfiawytsLxI9nu9xaf9rd2msXoHiw_1BdXjw-W3Hax2KpW8lgb2-5Cw&sai=AMfl-YR5ijcz0VlW42iE3WK2mlGNG-zSJVyuuP8rYX4K_c6IqxR1PG8YZ9CEMRKMkSki2x43jqg6xwUbNr3636ztJ4-n4YkIksA_BI0QwlGfZMz1XjfC0dQfYkSa2vQU0Vrin8KYkiRh8oSOK7lxoLJ6t2peKWYrvLC3bxTio1xc2JHG5VvAhThAXTDoO8FGMEG2mxHwVW7Nghd3fPq1rKD-Bj7Vyl3Sq5OsmE1Ec39xn3qh6LVujegk__G9MGxMeMVc7gCZ_ss&sig=Cg0ArKJSzNeYU1wYL0fcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230815.08368&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1552 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
2602451144179549583
s0.2mdn.net/simgad/ Frame 1552 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2602451144179549583
Requested by
Host: 02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
URL: https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6605dc40c865d797125727aa8eb51efe2434fd192b3d7d7a5f9d9fb308d7567b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Mon, 14 Aug 2023 20:44:21 GMT
x-content-type-options
nosniff
age
170439
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49702
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 08:46:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 20:44:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 705F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL3ZL90o_Dbf9jcMjKAgeTAIjs9gLWq1rMMlY-d4I1PJvCHUAXptnCxt2k-IXzZ6peO_ovpVUXpPpLWj63Rql3jOuJ6VHXCuGHDV4eMMhdLz-D-O0E&sig=Cg0ArKJSzDlRw16h3jN8EAE&id=lidar2&mcvt=1447&p=1110,67,1200,795&mtos=1447,1447,1447,1447,1447&tos=1447,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3272850789&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216293602&rpt=5591&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 77A1 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:02:56 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:05:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame E114 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame E114 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:05:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
109
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame E114 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-4%22%2C%22callback_id%22%3A%22237f3b174a613b56%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250e_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216300684&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame E114 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:05:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame E114 		38 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e26a78bd1579641d4cad320e389aeb773777c8f211258e3ad8fef5b469e35f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5kCEwiyMGZsTSduPxZb8MCzs%2FaB9gSCPKdnLqrb320Yx0QmT0P%2BaL02TQg%2BJSc2DB40T%2FTbtUfALBz2kYEx3SSwoDUrqhju6HneGplRxh%2BqRwnTVD%2B5%2FhCDwqzQCHz62WOp5xUQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c4a274d3e37d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E114 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250e_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2430b1d4f16fc7b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250e_desktop&slots=1&rand=0.8075477255700418
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7877b39c1b1c7a0b9706381767fb8c4f0c8ff0862cbd6dbdc2bfccbefcd9ff4e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame E114 		730 B
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22245ebec5b3153541%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=3072ce96-73ca-46ed-9f2c-8c0e950e3c5f&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b6ae3cd6e2ae6ef8c2218a2ed8d1f2d45e4bcb23f507931a0b95088f4dbcdba6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
442
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame E114 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7f0d04f22e62926c1f766456ef39fbdc7b740632707f2626935354219020483e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:05:00 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 26C7 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:02:56 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9BE3 		12 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 84BE 		603 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791077&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209100&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216297120&bpp=2292&bdt=2634&idt=3587&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=1656849942&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=2911010587&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076877%2C31077148%2C44798323%2C44796313&oid=2&pvsid=4427788691987120&tmod=1253032831&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tsyjxqrik4se&fsb=1&dtd=3600
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 9ABB 		12 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7012 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791694&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209100&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216297165&bpp=2273&bdt=2627&idt=3612&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=700596201&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=652956352&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077148%2C44799571%2C44798323%2C31077067%2C44796312&oid=2&pvsid=3909387001177172&tmod=175418838&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ow9bta1wgx1t&fsb=1&dtd=3635
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
g_pbto
1x1.a-mo.net/hbx/ Frame E114 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1692216300829&eid=249475fd495b9f6a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.245.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-245-178.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=1463938938503795&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=12&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216300837&lmt=1692209100&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=fv05ha70m3p4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm-0OXyEuOXTC5UWWH66nO-EkiTHK48E8KSXNTLx1xGxU2Wq2-CuMvCh-GhRTjXZiIlJ4Kb8s2ZrnV5FaVYHTnqm3id%2CAOrYGsn6sAOYI5Am5iEVHDz0s2JTzzZCkAa-5u2EQ4YVjhpq7MsegXjga4FZtp2ETEOG2z7mEfoBzIcUVS4H8me-7Z7wrfw3%2CAOrYGskayGCN7WymX7f5PmCJJVCF5v0eX5B3l1QmZJ4_Iz4ix9GvZf76YhTsDqH85hluhakKzZa7vSXS-OpzcrQcJpvETOGy%2CAOrYGsmDHXJbUZNtKNN2p31MOviyi84NEbLz06pOZQkunX2SZ_0uGWJBo5MWl5RiNXqSmhkPaem0WqGsGc-WVmvKNhqcm29i%2CAOrYGsnq0XaE0XSspKQE_PtQBrN3PR6y2Sa00_w-5WDj8uTcu-OhEVuaBbP6btBqkwB8SU-ow3BANDWdL6rsMNvhwIGJnPJi%2CAOrYGskBW010C_H7KUk7k6XcsJwtyVMRKs7OeIVKKzqQDs5X0YeOSBdtHz8B5-4N5TSrsi2wS36MhlXyGS1yeozugsvenxE2%2CAOrYGskhYIYjxRI3EkacpHNESJHc_RYjZmWSgA3avKmw4LcDXeGp4HfwJJwKLWvOxiYb2MPFfYKc9Dnz1SwPG0NUPy3slY2t%2CAOrYGsm_RMzrNYn0lL4BIC_CAGowgTOAX3FeqvnzqqxWAQSngpGnXa1vF3JMp5Y1RzUbrP5UKzT2FS6rghYngS9y5U0jiXxv&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=965386203
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b12bddb38e66b9297aa5390bcb82ec4f19a9b09379cd33a5fb50e0e4a46e0df2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9489
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7538 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRGAglvcx1grgXN8f5D_FVI_SKXmuPrdEzfWvUV3KJz8zJmUIK9qH12HwNlP3GAo3m7Jx53ZVqONAOUUAG_9Fys9gfwajB3jxT4yXaoNksB3g5hScFnmsCmU11w3YfskMOTVe4q6FFxlntQbYU0HasLyfhEqclLdoeDRrU71XqqGY7qq5f2slA1K-Jxes20u325u83whXc7iguEw7TjFl0cM1PUpNzBa5dg9DtMLD84lkEW5uUtl4DlZY9XOWmkbhcPfmS7MkrAB_Jp5Mxt3LSlZwlgUXsK7YisK82WlamRxf9tzfmmadG1CT5LfjvhKBoaPQfeJ3T5dhHur9vhA&sai=AMfl-YRHyoje0AaWXSHHE-3nIYErwp2JVsZjTxU9BaQaEFtxnyTt5pccAYbHKDdjD_iYLly90yR-5VJzxa1XqaTtj-GkRIk4kkHk1HaM9z5cnj1Iw5qDEekN737BcgjTV70&sig=Cg0ArKJSzKbQdsqeRmudEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A07D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvObhkUAorBfYzq4n_eTQJ-GRGonXqrCkg3YdNQie2JY5s0NUTLXixqbUjAUghw34tWWbj5T0pAotp09IYQRUxxGFyc7wN06X9hDcrg12RQ9dD8EQW2WB2XZFmj8V2iz3cahUFHtPVhgP5GBXp3mE1cvieTF7cFHgPczHZWxOKEKImS9GzxFsSNhrdjb__lsQknAW5Il2Zj7qYXrIMxcxaQk8-V8CQIbcs8SYyeSygPzxKgcInTCTQAf2IU0YrHaNAPFoUdyU8ZukyMJDstqgplJfabe-ekGqnhFRmhkEM8ZsqhwK9O73TGWQzMghkt9FtYFHNNETRHDMj6NR32eDGFQv5YYlJ-Qlh2s2fPOcqiTPjZv1wGrhQig6F538VLStQnOVrtXFejBHRm1F0bU_Y-d9qr4NncY3fcbSdrIqKstRKJfZokmSj34bESbXSvhvvP0D8n5s1DjRBMqntN3to3HgWKkIAyRzuNyfWemQtLXZxYQFrjzzJ0cwguQ34mNKUBS1S_6gktpuyU1wnGEDJpk9MkvQPsrA5L_DT_RBfM6xJehhJ0mrqs0zPz2oKH3DCRjpHmz96hsd_bS5x1U6bA79VwFoKjEucKyPVlPkTIA2cLLGWanBM5SaSFOn61YqlS8GSfB1XzwTICKKgReWXyZ7Y0ixijxJnZQX4bdb0yBpXeUnMM4khk7SSeZCDSU0aaBOlCysvvEk8ROWZS2clny4MXw2JvT1Ks_E3J66TdQphu8wllnf4DlbVV6RIm-cllOrg6FZ9mLGnzNP7Uf_asRyrjmtgp-6Xlb3L9mef0MNaYFfX2qzCm2HTWOU8fXsGXxcvatTp81V30yJMZSgbnfuw8iXh0VXUMpRfBhlDoQwXbkOTmG5YcW7EdbsMAQkO8S98Cv2ETnUXnrEC_UyAA1xP3KWHHTgswTAsaSRMnjpHWjZs4KdERUCS9d0fhXQ3W0W1YbnobveD6QRTvjYbMOP7yMuSkwTu2EQ2dN3vThCNlmKrU2zzK8_CvqZs9h2QcyxkxM0mzldYDg9Js2kLV1FgbTENzNQ3SMHF0clUoMajv36kFt58upH8cVNmoNdiEV0xCnrs48abf4EpIVhfinMZZQL4XBRR6YSemTajmEqdMjIVmGx3cj0dmnQfGwDlGlymRvoCRqOv1SgqZdl7TnMG-VrVMOgBAJLGJff2_Wv1bn40GgKAmBhPpDDjoj_II70KkqZChDPnorUqd0MSxIg_Wz7omqm3rlazWlt3MJgaD-1XhFbMDxCsuMtyu&sai=AMfl-YQm-Q19qNqn3cMf5j5uHd0giuRiSH7Ccovxsmt-BLtUKVeSO1uH1fPcgh_T2nHm3HHWj4kB8oypolZcpuX5v755bo2y0CavlQECkc_NFDIwmWNK7LVazWVnGAJyZDNwatY6JoSF-_Aiz4xTluGhn00WW5uzatjuR7PBdCIwqsP7xaAF5xm799eI2Gjg4J3z0Xi_qhXIdiRyNl9mx_OURjjD1mZ1yrhYapeLtKNWKMrCa1vIsYhAYaeQisA&sig=Cg0ArKJSzOZiNaHUV960EAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=5925&vt=11&dtpt=2992&dett=3&cstd=2921&cisv=r20230815.83857&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:01 GMT
g_pbto
1x1.a-mo.net/hbx/ Frame E114 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&ts=1692216301011&eid=250bd754ff170b14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.245.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-245-178.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=2336940068868758&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=13&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216301013&lmt=1692209101&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=jnuzvt7uj0c3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm-0OXyEuOXTC5UWWH66nO-EkiTHK48E8KSXNTLx1xGxU2Wq2-CuMvCh-GhRTjXZiIlJ4Kb8s2ZrnV5FaVYHTnqm3id%2CAOrYGsk7WUeBkg9onGhRZbcr6d4QQA8gee2Z3pnGP6OUiz0SJeiV2MqwvYqJ7lOPOa7POlpOfWfuKkOZd14AzQiQMA0J_2S_%2CAOrYGskayGCN7WymX7f5PmCJJVCF5v0eX5B3l1QmZJ4_Iz4ix9GvZf76YhTsDqH85hluhakKzZa7vSXS-OpzcrQcJpvETOGy%2CAOrYGsmDHXJbUZNtKNN2p31MOviyi84NEbLz06pOZQkunX2SZ_0uGWJBo5MWl5RiNXqSmhkPaem0WqGsGc-WVmvKNhqcm29i%2CAOrYGsnq0XaE0XSspKQE_PtQBrN3PR6y2Sa00_w-5WDj8uTcu-OhEVuaBbP6btBqkwB8SU-ow3BANDWdL6rsMNvhwIGJnPJi%2CAOrYGskBW010C_H7KUk7k6XcsJwtyVMRKs7OeIVKKzqQDs5X0YeOSBdtHz8B5-4N5TSrsi2wS36MhlXyGS1yeozugsvenxE2%2CAOrYGskhYIYjxRI3EkacpHNESJHc_RYjZmWSgA3avKmw4LcDXeGp4HfwJJwKLWvOxiYb2MPFfYKc9Dnz1SwPG0NUPy3slY2t%2CAOrYGsm_RMzrNYn0lL4BIC_CAGowgTOAX3FeqvnzqqxWAQSngpGnXa1vF3JMp5Y1RzUbrP5UKzT2FS6rghYngS9y5U0jiXxv&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=495745907
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
840b361fe830a6602d822a062bdead4c813050133cdeecf6b9ea59a118e2173e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11632
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403343952
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A706 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 498E 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
index.html
s0.2mdn.net/sadbundle/12784067222800087067/ Frame FBC7 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22859
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:10:43 GMT
expires
Sun, 11 Aug 2024 07:10:43 GMT
last-modified
Wed, 09 Feb 2022 10:31:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 498E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9vKqzxGkluHhB_Q021yDpn9EvOExkdnlmebSSt9h7eTjtEOcER9LnGfjgfZwac1DyuF0shkmsV27cbrTJHUUE2HNk1R7snXvSiLFD2kMjwEAEO9aqNS7LjCArdkctqN6VOW6MfNVaIMBP8nkyhpzbeRJO0YcULNLsJ7IUV4voSK4_0Jj78n-9nitoXxWZbjKrK5XwJWFB8CWKl2jWF4E86mxSRoSkoUJnKB8x_SsNvtr7GALVbgiavrz3FMA4CnAZ2JOAMKE7pDqBXJwwHONwsnghxof1QGSBhSyobZl9Vt2FHHianRCzKef2UZq-AUobt5slctlTup_rNZX283j-dEgb9qes1bI59UEwb2zYAtcyGQokUdAkCFDFgbkXl-Asj4qqyjWIzZFw-7NazolR1aYNm6XGG2b1GO-7KelRcjd2rcXaTFe_0GJ0Luwz5hWTaGb0qZO8pjYAtBQ528iaADJdaDV_0aLqvrDnnYPBXxrr--asucPp6anig--iPvL3sxzEkb10SEsTZ_Qn4TSkEj37VkrkT_O7bdWkDcYO48cTW4Vo93KXPMgJwabT1-fH2lU_7mz71LhC0zdApHs5479AIBKgkGg97Wen-sX52EkJhlsyvQIx4L50lduaP9C5lFw05v50Ad1_UyXHGGSqraN5BnoE8fdRkuJsMxVb-1jh3VFyyWONfmdyYwKZW78hbAi5FYy0h_3l2p3GfFyXyoowhWqNsJT_KIX6qvsNo3xn9TOfoc7NBdl6mA2t1gx3tQJ_vUiRVIYP5bzQeZb9esGT01gYtFXylaFy6zcfshCIg9kWlUqSG1pNQvbjRUJNuwBdzqhUq2JqGy8bzd6d8fUAiXjaZIFmXHdRMqeAU5-YJu5LqkYs_wo992QWpsF-OEFIWuLo11kJlBTwzyomPVL2cUAKjcvOLbRhH0JXxTYQelvTaSrh-Ydlww_YqGRJASZ5yKL-Oqiz4uJM8scZ4c-vQ5R7KFjYKqfsh7y24GLBhQeVocb2JimswhlnXXLdKf0owtve5AkJ_dKZfaGhHHKnLtyhJX-3qX3mxT4hzo8291OozZYehjZsuNu4BEGJPP2ntTRaIqJmAUEksAfwO6nejVEt98dKL9IG57hTRVUqQCWO8nVvMElqZNTSiSmOc92VLwhnotK-sWJbMAxwQbgc5HnL2T_Lpgy-3vlBYMCb90a8iTuvaItlCSg87UCePi85-3tfOCnNOLR37asg_0WNLKWxLkdmMXhM3jQWyYP92WACCQgdk-iqk2t5&sai=AMfl-YRdVLIFaZpuRerZbSZnXFSk4MkyO-dF0j6wWTobtGSJZPP3vbya2eWPRwvXCNuYk7bsSvtmWbD-TIRXwGz0BJ2ADXvRfqzMSo1sPUTwBXeDmbEOl0ycycU5mFtXTDtyQdL-zOHwItXK98dYjmhAUo1fh-aQ-v3Z4g-Bvxv1BN3Zr0XpTg9Xl5XCLr6Jh3e16PFgKGgsxf3KrLnafnRCNhR1OzCcVBrE718LwdSONxI8AsKVhUeACN7WlBc&sig=Cg0ArKJSzDyyhUsowngeEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2062&cbvp=1&cstd=2052&cisv=r20230815.06254&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=eb0e1b5c-33ed-3dc1-491f-125b49e9ab9d&tv=%7Bc:lurMys,pingTime:-2,time:830,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6013,beZ:6015,mfA:6018,cmA:6020,inA:6020,inZ:6025,prA:6025,prZ:6038,si:6044,poA:6051,poZ:6073,cmZ:6073,mfZ:6073,loA:6463,loZ:6466,ltA:6843,ltZ:6843%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:830,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B822~0%5D,as:%5B822~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1b92%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb*.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bb*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:31,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:792,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 1121 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0163fe0755b485e9e42e298383aae0cbe5ea583b6bc5e3fc199a5f1e6df0ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1552 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
175ed41ba5dfc9eaa6b93d806adf38ea7f6b07800fe02c58ba2a94a37ec0eb5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5363 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 705F 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
index.html
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 2EC3 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
392058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22859
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 12 Aug 2023 07:10:43 GMT
expires
Sun, 11 Aug 2024 07:10:43 GMT
last-modified
Wed, 09 Feb 2022 10:31:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 705F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnEp0oMQCzuCGqCNpQ8uOmUVnVZWbp4dgoJ61IE-3E-sJZwGRwxr57vtdqIxjUNNFObPrhElQRxazm5_ch17Vb_C1BiljFOCeryy5jC3Ebl1D0SgDc-ufZaeJCw4TRYnU-88De0sKrBail14azv-rRS_3GFk_H4hxsOKjT2cTCORbmfuizzCuCfJVcaNTnBaOOJqhz8hzbk0FPK-_GuzhErkSu6jVDh1t35cWvJGTXovMMFX0Qo4u9f4a-JctISypx9YpDSpOikN4lzh6whw2RPyDZPZP0CiGQsoIpG_gn7U76EWnhtXvsJ3FRrBOikE6Ab89R5uD9JrOVVntHqNMHELNCBkXWJ6KVsIs8OA8vR3oZhjMQjgxnxcSOBf92HfcUykhm71MEPqUM9u7BWMFtZBTkLO8liHtnpTxF-jju4GCpMRV8H5YWUjKJ2SegaBl9TCp2dfA-kG3r4sKCAQhqwhZ3GoCqgeqAjLNmU31tLZ0QVBSM7-95AIBlvK9OUG2ko2pioqtLPxaxP1mf-fBwBBG1vDLSgU_BYkdhQqBNB3iYeUYFdF5wPIbZYBmLHUROMWIXKwKAXegxN86u98BGOVC3UcKejxV_7xcQVL7c3tVEBVv949Q-DnuDbabBwlNrxoCD9ExHnsHS_orL7lO_HbZWeVCoVQ1dUWwRbv7T-LmBWX6eqUfSEnpz66DnPtC8VpxlzgSNeN9tClLCSYjf1bEfadLroXHX5OG-jZnMMsvnAmbg1tVY2T6pezZEyFel5exZAzY68jcZx2bg1w1rwkZMrsNFcUymiO10IqCfiuC2msD-l2VL5Z5bBowML37tvgL4NLehuZgCNJlN3rWq0w8my7XyfVBP2fk6YhQkgp6SssBjH9m1dIZ0a-ZInUtFtlZMUVAukkH3AX2EmUMDuFlHxsuW1HTYUXeLqkRrHqhNdveRj0gW8JJewYJTnhtTu0fGZPmUaKckOyqzEtNVioUBs8s6OATRw2ZB90ITY8XE_1sXuv5_rLPOLJyJHsmdX4_ljPPxkcKMrxrVMACB94MNa1Av3RulBAjs7mPgKfexnAbanT1KSomjU-U-96CQQfuemhtmXAZXDFiTGd3qYdR1GfRjfdhXQhkh2zA6dqtpQgJI8iE_kFrHPN4sCE4qjCr9J0Hif1z2Tq4A_xSzJzGZti0lSYPB5QsrvShM546ghJWo0iedXU-R6ZegriF9NyYeTkrRw0XAVZEd5OnhiYgw5TH7KGMBn3BXVCaBJFTslMqg39TTS3LUKVhi&sai=AMfl-YSZTaiGt8bUVu6BX5jNl-YQS0kblphZ7GeQw-djZf2vfUhzg3hYO07Yfuo0qyQwG3WR2ULlQSGzI8P2x3PKakBy9L_PJ6cCvcfiN22ax63LM5CAz8hcnWtI7vgTmlLf0IVi0fkzSo3HL71sFdjNr1Ak7VYIYz4d2WCxGfolCOmYWoiLjtjIKSc6pOynIlbDwzSRew9ILtuqZQo8GqeXnjScjk56HHXKackH5ZCxa2C3zK190eV4BRFv004&sig=Cg0ArKJSzIymTMHpPx8GEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1934&cbvp=1&cstd=1926&cisv=r20230815.61628&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 9601 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5644e5e23aae2be83e74f6a88acf978a251e05e30f439e7e30f3aeb6f33d1214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128222
x-xss-protection
0
server
cafe
etag
3752907331558233593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b7e091bf-dd0c-e5ed-f46b-a33ec296f444&tv=%7Bc:lurMzB,pingTime:-2,time:684,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:6842,beZ:6843,mfA:6845,cmA:6846,inA:6847,inZ:6850,prA:6851,prZ:6861,si:6866,poA:6871,poZ:6894,cmZ:6894,mfZ:6894,loA:7162,loZ:7165,ltA:7525,ltZ:7525%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:684,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B678~0%5D,as:%5B678~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1ba*.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bb3%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1ba*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:25,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:654,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8&tv=%7Bc:lurMzT,pingTime:-10,time:3519,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216301145%7C%7C665787836a55eb3857f33243cfbfc18c%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C3637ac3185890c2ed8e560e6e078480c%7C%7C23b2c33d9beefe59a25f71f9e2971584%7C%7C4d1b96411a40677fdfe913d56a4b1d8e%7C%7C94d7fec7497f717918190062ff502019%7C%7C5370f67e656c0536290fc432b48c39de%7C%7C1663701684,im:%7Bpci:%7Btdr:3342%7D%7D,env:%7Bnr_p:1,nr_grpm1:1%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame B97E 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74111188&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9d11fb772b951e4aeaae8bc1941961271b8a9d42c99cbca9095868e88adc1587

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 16 Aug 2023 20:04:59 GMT
content-length
1361
content-type
text/html; charset=UTF-8
view
googleads4.g.doubleclick.net/pcs/ Frame 1121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqo-eyP6MsD6EuxiUnjBs0kP2qD6KUorL0bwI0e29QtNS0i8zbSmOdbmntsrJAB87a2R8QbELVXOrNiQnJ0CBfsdtUgsUAePw0kNZhWrudUzquENvsKdBlLwFiGBQ2duyCxqSx59ehpF82u9slgH73Wj_AopLKCMjqxkOqDCoZKlM1H_h4MaXwhMi2EgL7ONyqntFFamHQvTLt2JhXhHWnHvGjI029LhgyllGQ3nzSO4_Jw6B4nR3ZtONDoZKWoKndAckeumgnZtq_hBMAi3id1lXP-zQBkhpatT-VhorYqW7IFZlmd12TTscEXH9zsHgdS_e92KqHtKSFOQ8NGy8qennxtYkPixPm9tVil96J3OWiHJzk5osIFXTyxsII593onSo1vP08N7qBLgUOYeduBA_vTI38rzSvUDpw1FgWSUhRtRV_K_UJYnt_jMYgM62jBn9kgy1WbYd_qZM_WApVCy9a9yHyiUU7VE-CoHr0iS1EhxJ9Kb0D88S_-ZKNfy03UlRPTw7ragoFmlt6FahFW9vQeXv9j3aSgPkuC0Ulmw0QeKNDuVYYs4J2Yailsg_roSYFJFwQGgwwgBMtoiRQOgM7NwqC5nLaMHpnuDC4YUWJC4KYCzHdedsrUknL-KqhjnBR-B-HzFqPNGjQLRop6qWcLNFUf8kNYuvherVN83P2VLws3M3NHPEtq_DzJzo24vTeBIr9yyVeK8ZJDOv30rcLgEFYsJvANlHXPwETl9ep6B-2Gjfms0RbIFinoixbQabQ9DzmgTlwI4CVT6CopYIuaHvHF8-SN1071d3c4BnKiqUvB7xEXJlEBwo0FaTYFKcjUK-e8eRXe35XewnbHcM_ZALPEoFY8nwJtfTxFF8QGuyDQbZLJ31hHrHZTHyDOCBcCGS_TR73npGb-COcDEpHtVmw0jppQo_Yhvn6byokt6zev_CgMG0-aDOXu-5skfqXstP5Wnd5u2KTDiQi0jG1WOrlUAjIUxuIf_r8BLComnG-j6z63s6fziC6ka9xR0skSvbkjnNTGsRT2I7K3QH8m80gx6NpR4NyGgfJn7IGf78lP5JrDeTQdhjfYTQnmK9baAY8Cbb4lTEGBBahQLDTG0hl5LEKWkYIxEKVt4hsPogyQmNDvzAhupuf96mc60rdlxOrsHZaXG5JTh0vGhi-2UKK3qtbBa68mu3F5RvXIzAUS8NhiYrBW_NK6AqFpBM5zRXVr-2MbbbyKbvgv-40K4ijAc_MEFR2ap0y189Tu0GNoJO8_56mmVvh73tG7ytd0kgiQkJyJxJF_v_VAI3JYJ2bU_SsHMw&sai=AMfl-YSqqwXW2jv9oU9AQmYxAJu8-jjMOjrTPFu8nquLK7I2_Jq-ZsVDJ_TU2YcrCivDmmCEnjOWKCUV-wVjBmSBkw7a4uTLPtNxHTTP2deMZ_UCkyOp8Tdo6WA7ShBADPJEPIdHaH05VZHcDIN9LlPN4ssDAHbJEhClfnPm5qHYd_7M7dKgwQKfBlozC0OY0HPiowMOjV0Z5vUrzEmkcJc6sQSAini2F--oSktbDmRNCO3zYWISUqRXDUJtwamWAix_gmM_fSM&sig=Cg0ArKJSzC2XnXPgYobLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=619&vt=11&dtpt=617&dett=2&cstd=0&cisv=r20230815.04764&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:01 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 23EE 		12 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E3C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=4198791694&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216297949&bpp=2086&bdt=2754&idt=3259&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=60446090&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=1637291388&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076876%2C31077148%2C44799568%2C44798323%2C44796312&oid=2&pvsid=992285831716002&tmod=1416856001&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qfu0p5wapqke&fsb=1&dtd=3272
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1552 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudj_MiOOxac6fbUTsn6sljj_OmN9Z_gRUpmizXzQa0XO3UjErhDEjJIlYr_7SADPvSG81RhCXZ_pjFpbgtyY59pjd5RMxyN5IK6gj26EgkzweucG_xgwjUTQlX4FsGNABOeyNTIGMjndR7G4uCLcncCLex-O36GegRQb7rIZBB77x7UxLUEbY_vIJUwYwHavTNCxZOZPDyAAV7m74aPgIom7RoXa_ZkPjqLthybEh7GQSK4ulyv69BGHus-5eD5_SdrUADZxXpM4NfeNfl90BjLER1zgVIhjlm-zplUoloGePqKhh8WfUcY4E2Qpgki1soC_PU6nLAO1uV7UoZFKohB4NjcirXVJ6kUL5gI-XnLwEOjbwodLFLhv32dw29JAVW5CUD7zEeYa0NEMt3oRpDXaZrndXdQ7bXU67bfYedkdYcV0TKadlDbb_DsQgQc1VEbKAuMJ8JeULSrFpz-PUy_Elv1MusPDzqD5Sb8LZGNA8088lYz9_MPm7ReplYROO096pWh_OQlxL3VdvxcOeKgsgQStCecebuEhXOqUWxQ3uIsTAoJJoRhR2aW_Ex1WxXAs721TLW9FccGwhJM-FSgJW6Wdki0iR2uwpp-uN98JEr02fGD8Qz9yNyYwNjUBeR3ooZDyK_1l7PBYfvq5G0T2Gnxo1Ja8whVEPTlq25jv4Cwp-QTQ1DOs-igVCRKlWyFFh54p-Zy-9Z7JePBNcpLQcVo2JSYnjmX5vBYwf-jUm8vsR5uycXVH2i4ThIyv5WNo9sDm8US68rK37B1rDyj1q3dwECDQchNd87J7p-aZTRHd9oTCpZq5Ltgaj9E5XveNlRl_5VlymqkFRlouNmEBSnVWGhY4m__q75PzaeJrReNsYwlw1KiXQcOUEu7EmHXqkZUy5pigx2145MHsTtsN5EGnC4huarJUnxKxnUjAUcb8aJb9uL4ixE33Kkka10MO9WeOV4lZQ1zyV3Wk4jZEz-yLnQ5VtR9cZLyP3hzmGjV08yoTUlH6JjJN7589ZztvYByUHpeAWjWnBS2nnX1dM95-eREyGE7f-evMXECwylQaJCl_O7F3yIUBbkC9SXnHPI2LBwp_NTxKDsBIlnGUYWtYQ4ajyAbS8uHb3F78OrW3QAEtkEcGiqQTIKh7qs1ZhDI1uiJZ5HNpQz8PHGVP13hNIxwVFoMb7NbXiSJrgzls-Q6OFOapN9McJ6wPX6EyhP00vtdLVSGKm-YxqJtpGI5u0lyAMLdiw4aFFMfiawytsLxI9nu9xaf9rd2msXoHiw_1BdXjw-W3Hax2KpW8lgb2-5Cw&sai=AMfl-YR5ijcz0VlW42iE3WK2mlGNG-zSJVyuuP8rYX4K_c6IqxR1PG8YZ9CEMRKMkSki2x43jqg6xwUbNr3636ztJ4-n4YkIksA_BI0QwlGfZMz1XjfC0dQfYkSa2vQU0Vrin8KYkiRh8oSOK7lxoLJ6t2peKWYrvLC3bxTio1xc2JHG5VvAhThAXTDoO8FGMEG2mxHwVW7Nghd3fPq1rKD-Bj7Vyl3Sq5OsmE1Ec39xn3qh6LVujegk__G9MGxMeMVc7gCZ_ss&sig=Cg0ArKJSzNeYU1wYL0fcEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=629&vt=11&dtpt=628&dett=2&cstd=0&cisv=r20230815.08368&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:01 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame FBC7 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:02:56 GMT
request.php
hal900025.redintelligence.net/ Frame D7F7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=6fdba72671&subid=&uid=9da9d99fece34022&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCWw2z5CvdZNuFJdDW-gbKp4SwB5umgKJp1ZLqi84P9i4QASC6vvAWYJUCyAEJqQICg-nEjkOyPqgDAcgDmwSqBMMBT9CnO_yTGHhz8GICynbh4ofdkqhQZG3m1S5xlTu0vBos3sNVyxLQ0P9srue6NSZ1AMKvH8nIaDmQ82tyZkcTVuOFDk_8wi5fb67tqw5kG-gqFSOi998utUZ7Tgv2TiHNQ0XR_Wa_2djsT0Lwf5RytZHBVZ4EpSZ5mcZ6z-yhhjj6p5p6i8baQNgZk-PX5RWTbJg7ei0qmomKhpjfl6ju_hMmwLGx_Dzvp7osmttaqCrA5EaP83vofdEPw-OED0-x28GpwATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYXzICqgI6AoBASL39wTryCA1iaWRkZXItNDEwMDAwgAoEmAsByAsBgAwBqg0CREXIDQGwE7OgqxTQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMI24eE-PzhgAMVUKveCh3KEwF2EAEYASAAEgKFPPD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWtbJZ4ANbBbsP5-7KRXsGiTRqQkcFb0DywLCaTq3YFK3bJwBg1pFCyUqBdCKZGAE%26sig%3DAOD64_0R_NxloLXdIB0_8SWy6R4rntfzQg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-Ag0I44wGqmmHH78G0uHlYry0-R6jbMSD2ITQICxITCJJjwuqilNlPbvofkstUP9wu70p-NDE_6vOfTeYLVmc3LscpBe4J2YY8F6Qi6tzqqNKOy6dv1_89pfLoI0NM3DbG6dEUhSVLVCBJsCCZSgpoDEyvrYE3BEPTm3K05cvgNDWIcL4Q%26cry%3D1%26dbm_d%3DAKAmf-BUwXvFlXdGoyf1VWMMmJPF3Mqy-crjTSvKO9wgxSfKm0aGZMA4uaw9d1yWTq-hvzqh-p2GYfrF9LY5cRcwhandqWMXNdWPDNgJZURBOq4xL3hUMcmXvWiJgXuntxYdPNklZ0lSUpqDPw7cw4Nza3IlaR5fo34dQFTKKFIfg08YZEgpdl2yXA1wNRBBqFXO6lXmHujsemb0W2Pucz7eV1UkDmCpwMBgQSsIqNg3ruwzeqfmVuTWUuzX7vRgzpC1fCKuFB1euS2xciOFOmtKnmHwLLQZrzzFrJhsJGuB1Mnx6Q4r_8zi-6anOuZ3WpkEcgO-iEBt_lCIQdUtj2tKxm2il7FsjlX0oB7JujcV46rGDRXrWPeMD_6mSOxOPPunA_8cpK13Ryy9BesnezYgQcyCPIP8we6TE_wf5IvVEk-H_5PIl4F-yF7q5_WKzRdmkeUDKt4fY3fuJzflWzuSI4BXrhqdj4piW6Gd93386GHetbJi2HdX0lLSib2QjF0NDISsr3Q7w5ZOujDh7nxwEDGfQFgFCo23RelBKZWUbNizxMZzKGtafQW-P0F8QxoQAOd9HfRJ1nt2Q4KeI73VYzRGaFlwTw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ancestorOrigins=https%3A%2F%2Fwww.idrlabs.com%2Chttps%3A%2F%2Fwww.idrlabs.com&random=9793072922469&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
54066f2484f85c67ba08ab69f8324fceb10bd2894769c0d0203cff17e7adf537

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:01 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
62526000171264204444640012418025
Connection
close
Content-Length
863
Expires
Wed, 16 Aug 2023 21:05:01 +0200
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=3699618260900315&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=14&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216301320&lmt=1692209101&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=8n7s33yafdl0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm-0OXyEuOXTC5UWWH66nO-EkiTHK48E8KSXNTLx1xGxU2Wq2-CuMvCh-GhRTjXZiIlJ4Kb8s2ZrnV5FaVYHTnqm3id%2CAOrYGsn6sAOYI5Am5iEVHDz0s2JTzzZCkAa-5u2EQ4YVjhpq7MsegXjga4FZtp2ETEOG2z7mEfoBzIcUVS4H8me-7Z7wrfw3%2CAOrYGsk7WUeBkg9onGhRZbcr6d4QQA8gee2Z3pnGP6OUiz0SJeiV2MqwvYqJ7lOPOa7POlpOfWfuKkOZd14AzQiQMA0J_2S_%2CAOrYGsmDHXJbUZNtKNN2p31MOviyi84NEbLz06pOZQkunX2SZ_0uGWJBo5MWl5RiNXqSmhkPaem0WqGsGc-WVmvKNhqcm29i%2CAOrYGsnq0XaE0XSspKQE_PtQBrN3PR6y2Sa00_w-5WDj8uTcu-OhEVuaBbP6btBqkwB8SU-ow3BANDWdL6rsMNvhwIGJnPJi%2CAOrYGskBW010C_H7KUk7k6XcsJwtyVMRKs7OeIVKKzqQDs5X0YeOSBdtHz8B5-4N5TSrsi2wS36MhlXyGS1yeozugsvenxE2%2CAOrYGskhYIYjxRI3EkacpHNESJHc_RYjZmWSgA3avKmw4LcDXeGp4HfwJJwKLWvOxiYb2MPFfYKc9Dnz1SwPG0NUPy3slY2t%2CAOrYGsm_RMzrNYn0lL4BIC_CAGowgTOAX3FeqvnzqqxWAQSngpGnXa1vF3JMp5Y1RzUbrP5UKzT2FS6rghYngS9y5U0jiXxv&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.06%26hb_adid_rubicon%3D2513be172494d561%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D2513be172494d561%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=2460199046
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7479c260d268af94f19590c0bc5d03fa2e1ec895246b91fc1e00f24c8cf947d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11676
x-xss-protection
0
google-lineitem-id
5112246896
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 143E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 743C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 9865 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 3AAB 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
663e6c692ac6f3b276dc3215dbacffece42dcb3becb129cb8c19b8655492338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128222
x-xss-protection
0
server
cafe
etag
10893971305899394779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame A54C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5F67 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5981 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171331078&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216298844&bpp=1377&bdt=3115&idt=2558&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216301&ga_hid=1829257103&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=616481410&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31077017%2C31077148%2C44799580%2C44798323%2C44796313&oid=2&pvsid=2669857178375524&tmod=1911555855&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wdmo8w9ngfgi&fsb=1&dtd=2565
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 2EC3 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:02:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9ABB 		0
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame C04B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xYnAHh3GkN1oQL6ISU4YOVSCFZj5i9X7RI1z0Yme9eEoTGqNZG3lRA==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C04B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e08b83b3a0404836f913f3be9247a3785c929cb8d23a724bf3d7e7b50c51558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7913
x-xss-protection
0
server
cafe
etag
10425304560438231363
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C04B 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7538 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db6a2ab5542cf978710df3dc111ddb94a54a0b309004e4fe0b7f9c1b7dd5f204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50787
x-xss-protection
0
server
cafe
etag
18240649598294976703
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
truncated
/ Frame 7538 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddb3613f6cd0c0a1dcf1422a2eb6a8c286f74178516852aa88c9e92657812d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 5C1B 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 57B2 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171324895&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216299019&bpp=1412&bdt=3027&idt=2513&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216302&ga_hid=755891671&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=1021776040&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076877%2C31077148%2C31077066%2C44799581%2C44798323%2C31077067%2C44796312&oid=2&pvsid=895952461367659&tmod=1221880424&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8knjql4a2vpa&fsb=1&dtd=2529
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame FB3B 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AE3E 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171325997&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209101&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216298846&bpp=1564&bdt=3201&idt=2715&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216302&ga_hid=1109743175&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=3607676247&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077148%2C44798934%2C44796700%2C44799570%2C44798323%2C31077111%2C44796313&oid=2&pvsid=1969310275089779&tmod=9836950&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oknrxsplaiuu&fsb=1&dtd=2729
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view.aspx
pb.media01.eu/ Frame 43B7
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=64536700147702304444640012418010&actionid=879111&produktid=ratenkredit&dt_url=
0
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=64536700147702304444640012418010&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 20:05:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 16 Aug 2023 10:05:04 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Content-Length
0
Content-Type
application/javascript
Date
Wed, 16 Aug 2023 20:05:03 GMT
Host
pv.medialead.de
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=64536700147702304444640012418010&actionid=879111&produktid=ratenkredit&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx
Strict-Transport-Security
max-age=15768000
Vary
Origin
X-IPLB-Instance
40027
X-IPLB-Request-ID
B2A2D188:B660_91EFC182:01BB_64DD2BED_203CCF5:22024
request_content.php
hal900010.redintelligence.net/ Frame 6907 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4ef32d67235ae73540d0191ca9fdf750b843f1a07876396d69f18c79f08664ca

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2103
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Aug 2023 20:05:01 GMT
Expires
Wed, 16 Aug 2023 21:05:01 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame AE12
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Server
145.239.193.130 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Host
pv.medialead.de
X-IPLB-Request-ID
B2A2D188:B896_91EFC182:01BB_64DD2BEE_205F82C:B82A
X-IPLB-Instance
40028
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
Content-Length
43
Proxy-Host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64536700147702304444640012418010&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
content-length
154
content-type
text/html
ai.aspx
m.exactag.com/ Frame AE12 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?tc=ce02f64282534558b88ece024409f414
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.9 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 16 Aug 2023 08:05:01 GMT
X-ET-Code
11
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1199
Expires
Mon, 26 Jul 1997 05:00:00 GMT
cshow.php
www.awin1.com/ Frame AE12 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=64536700147702304444640012418010&pv=1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:01 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
usync.html
eus.rubiconproject.com/ Frame D133 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:05:01 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AE12 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:01 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c72c1798-7894-bc5a-cbb1-25f85dc8c3c8&tv=%7Bc:lurMHF,pingTime:-10,time:2358,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216301626%7C%7C145c71f7ffe70b33060048e1380d283f%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C2c2300e16b748f568acf1135b838ee9e%7C%7C4ff2d20aebbd5c07e9b86fc08ea1e0de%7C%7Cc26480bd1f229e7598430a19e837ccaa%7C%7Ce21943d2bbf8dfe088c5671ae714c3e1%7C%7C97aaa0d6192dd92e496b7c0c50b3b4e3%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=27e42e3b-393f-932a-e90f-01b28cd34846&tv=%7Bc:lurMIl,pingTime:-10,time:2219,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216301669%7C%7Cd3d57e65cde8276d2f82d5719de3b9d0%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C3db8d66a5e9eca92c48fa06b5f5c0f04%7C%7Cd4bece681c95837bf7b48e8fe269f0a4%7C%7Cf624c40accfec95a285c7dfc0dd4fbf9%7C%7C68e7c97f2ceaa9fa4f1e0fb34d055dca%7C%7Cc1cf22fa41b4ef361a56aeef17b6ca01%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame A07D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5ezW6cgZgj_kY1beqpvCXxx-mbvRWybntGIq3KGPCdpf6V7vbGpTe4pi2iU5KJVAwP55ao0qoB2Wuzjh9-qW8iT6eMZehVZENutMh2CKTU2k&sig=Cg0ArKJSzCJksmAXkwEnEAE&id=lidar2&mcvt=1458&p=0,0,90,728&mtos=1458,1458,1458,1458,1458&tos=1458,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292199&rpt=7868&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D7F7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYQZI5tL4eNzY_4wCMzw8yPT6fyn6a43MSJgitOHFZbARuE1kw-iLt6DHZInwk4YaW_aMZb8fLVHwbJ0MIrW2OPP5wz2dGYopdhEvekoSpnS7xyRSG&sig=Cg0ArKJSzPft0CLJZZ4EEAE&id=lidar2&mcvt=1462&p=1110,67,1200,795&mtos=1462,1462,1462,1462,1462&tos=1462,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1601445237&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216295242&rpt=4867&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8&tv=%7Bc:lurMII,pingTime:0,time:4066,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D,%7Br:r,w:728,h:90,t:1605%7D,%7Bpiv:100,vs:i,r:,t:4066%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:4066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4061~0,0~100%5D,as:%5B1601~0.0,2460~728.90%5D%7D%7D,%7Bsl:i,t:4066,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4061~0,0~100%5D,as:%5B1601~0.0,2460~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1333,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2*.987057-61527017%7C1b21%7C1b22%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b4%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1bb.987057-61527017%7C1bb1%7C1bc%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:2452%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generate_204
tpc.googlesyndication.com/ Frame BD2B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4AvenA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 9D6E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame BAD3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=24c0530a-3aa6-404c-6755-872af1c21117&tv=%7Bc:lurMJZ,pingTime:-10,time:2180,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216301771%7C%7Cfefc5315f082b64822c2ae37d79e20d7%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C25923cba5eec94c9a083bfe771e17436%7C%7C38e2bd51def5e81b0ea50566fa3c568a%7C%7C67f125e069307ba151ad60ec71b37cb9%7C%7C200139dae2f60e746a27fedd08d0aeb5%7C%7C2d1b514f412d0005f7ec5f1d146bf3f2%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 1642 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHO6JHXSaroezTIvuTjfVG3zBmhG6bdmvKDI3phRgUj2cOgDdX3mxNgFLlAoDJeO9cyQVNRS87uwsmDa_V_w70RsCR_a4pwdVP-wV39oy36pnD0QXNuCyM5xlHgj0XfRlj9txyY5MpnTr9z8Xrdbd64fBWpTuSl2RCypN9vsOiBw-4aZ09xFTboPKIog3vOH0UiV2inD5-nnhNUG994BSk1f_uWmcOKWSS8FDZiUj9b18GTDk_GnRYuKgULAQPa6F90XNVQgQeuSlslz8fX0Au2nkOhm5d_PVO61lv0Pt6ic_47h54AgAg9OFSlaYDLAhxjAyafmVGcjqxfgefdrtrHFC9mTM0VpPTRY0uWvXuIIv-gDnCmxCHR0mxrppG_x9wDR3YNHGWfAy1qlA4pJYrPCrZwqL1h1xSfc0CyhpAogt7v3u3dxzNEQAhT_jTsP1x3HSoIbTqGvJEEuuO87QOSocpWzj8U6n7wNIAJACpxhbk15O_pQmzyPCZ5pm1wKZrl7HHdwm5Kz_KH6jI_eTTH2V7XHEH9B7UcbPwupgTTkugm3DGFfM9oltIrVYrnFGVPmqTXa_tv8c5hBQM9RbFHsPP3UDkxsWOFLjYnh_y63YCC_k9mDwXiw-oG7xGPgveFfKQIcHKQW3oBMM1QvpLdOm94wFutPcoxO_WfAHBRM9vLp79jaUGbx2tbeYAsSUZCBdWKw1FXA5mgE2RtNUGNI36l55IQRvBuwTZFrk0I8k9hO8mFa7TRDKDbdZvwjDaX2Cuc7DiDZAhx1Ij0Gr1EAw6SypWdFp46UI0dWBqt-LVGXsWGisPVLpr2mbTze1Y0raC_MnswZ46X50aHXpd1ZinnmR9Lmo8rK0Cbse9iJYYNNO98n1HJWj0MLR58VnRNWs-XkfWBkXtrK9XKMwBWfOtAnCny03dOUOeyPB5JwFySi4IMA9W3dWo3VABXSo9WvlforOeW_N_HYsCGx7s3h5Rtq3wrHAe_ipjCwSHkUnQUYDCOMR3eH3aMEFbn7DdTijL4tf6QSLym_N7YEHRdsQh2NftpKWoGqath0MT6fGRoNO6ivznM_thXd4N_JjUzhKn1ygA5H485ILuZMorUnAExYIxRCIqvKBMba40WCaCdEYP3Grd61wRSJkTuDolAbL_IQ5TQ1qwmfYjdeTLL6hKCB-k8FrRM1JdqGk_zyX1MIitfNhdbwlnV_80gKIa4yYqv87OkzSpmjRn88-boS9p8Hl97dA2SK7p2hPLIjrCA1-R09SELBEYz1oG&sai=AMfl-YSwgXIoSnX_mwj_E7hZyZJK7tWUlCU94x3FYNdmRoS66R_Tvv431cWFxOQwbhDjJ4_lYUOu638bEuKoVUbzOMmeF_HjmTLEo7IlPT_LC6XHK1A2eu3pMOIQYZaQr2mKxDrU2iEuWv496uV-e7P4GaIdPlcLO69CrESaPKdb-97wE2wPS-2emZn4hBRGirakcZUWll4s4vCWdH75qcE2XEVhK7C3iHUr98WXmAwxwu8LwuQkHCUFjJm2V8A&sig=Cg0ArKJSzAihonw5QzDGEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=5696&vt=11&dtpt=1988&dett=3&cstd=3694&cisv=r20230815.70725&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9BE3 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9BE3 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9BE3 		0
0
container.html
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9DE2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:04:52 GMT
expires
Thu, 15 Aug 2024 20:04:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9576 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcsLOMe1pODzwX6Vj8Uie0rd6JmKVMgqW4h5KSXD1f6zlILNgr8qRJKN8Sz30YXLBPW9M1hctjnez8rCpZJEbtz6HiaQ8s-_XhvYRH0RJdoa3DlgEDAYYCIpxUjSjlKryw0ZjBL8EWRL_JJ7LWIgibNNEKxN6Yhyy3ne5uEx8T1X0EKq7vfs1I4qBnY_Sdpbmw6dy6LkuJ4bz84o7r4xXRAB5Lw6xjH1gr_uDPEHkqjMQdeOuPiARwjdRQA8F8qdGUU_orkoZKZr1tEnR1Kmd-A5-w6_LO9XVTqShip-GH9z_HkEuWqjlhuE3RmUyfBbYfjb4NWvrX2MKFz5BmYggxI-flvN5JPZ3r_DfVrak-3dQQLi7A4wvxt09eZvYAmZN1CEH1rZT0trGD0evDrLqtr_i8ILfYl1Zq0TnNrjqvFir85rEBwBOP0pSko9d5tHjXBl6Smvizzn0amdKrTPEmt0Y64SX-6ejbgL3BA-Fn0Sk2hfLXKL8RtWVRu2M6TLEti4OcYwXykda84c8lo293hBI1SKCaAZY3bqdNzC4p7jVLvwtvOsBehWIGw62TYH-2Eg0LCVISieI6OEb_A_8byAYySkOOh1-TGnUhD2rERpPgGEZyW-YRouF6ts0OCbQdkML1tILzT9CPRAn7p4E2eYwKlTNfBx7fYfhVb83hjLbTsqcZax7_UQHY5FpYLKSdKztzD7rKPgVuWQNGwPAcOG_UJKKzdANo440HDDmWkmJmeMnQd4ihEmowVhAIauxuRFwRXWeT5zxYApbITq57gXs_vjzPkMpD5P2jByuwx3r6jY5e1yThEaUNTqfbc10oTSonHlhz7aVxssa_0KlSHvHT4Y0yIHtFIYu64nKQTukdRBHavR3hGAKt66-H4B2qsGk6Yhe0iItR3eV6XSfZraO7YZJydXv_neXgLQSUzY-3rVT4lVoYzXDo1Rbc7OmlbbvHsacz7qZt1s_fRCWgn1JFnSTVASzLxUolyCltxNju6wGPjzikYHn9fLUqeOw0kOmU1ekn36lJ68oUL2RViRrJZbONmSMbdBOepDIO2I5nQtXbaxh_NYaoxkX1J2Hakb31O0b4VjCtyYGVk2hAWzdvyp6wPz6bTC_BIMoXUrlQki2pYhx0pisrlOh3JdvMRuAGAEDF8ufQapNDQpAeAKO55gSTkywXRCTbD_GSX2NdRzUd_5E851sXOz7iqlCgS3u7Qa0Tsda5i1NUHkn1MZg1x4_g6da_fnsd9tWgJ3tCHJjAgp0TO-1F16cCR-Q&sai=AMfl-YRYzdTedRS4AR6oHA2EQfPhnHoj6uw2Rn-9n1Hkp0p_GCrWopxsUVpVUxMn_NZyKLnt2e-zjKqYSm7aN0DumukFsl_-FqSuAnTjq96_6XCpFtP69ayPgg1i9HGPYzEqFjRACr5ZaaUVFqgT5Aa6bmKkGvFedq63cWFcj4dNT2ciAwJEIQtmpjRTSxR1xfVR-Cggy9Gdgoc6S-xRuJbboyLNhDx8yt96ZSQhVFuRVdD2EeFu23Z_i4cAUsI&sig=Cg0ArKJSzOlmXHPwyKKaEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=5575&vt=11&dtpt=2039&dett=3&cstd=3524&cisv=r20230815.25801&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 23EE 		0
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 3C26 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rIqqlgstquVXm1l-sqSrcKiJ3Bn0YAP_R6U7yEtuiKU71Vb36wpfXg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C26 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 705F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=6CvdZL29DrODjuwPgJ6rwAc&p=ias&bl=0&twt=2883&st=1330
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D133 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18674
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
css
fonts.googleapis.com/ Frame 6907 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 18:51:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Aug 2023 20:05:02 GMT
/
hal9000.redintelligence.net/scale/ Frame 6907 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
6c95d4de193a8a26ca6892c297e1acd7f2a71c2e4d66d6b544d2dee4473e9a15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9890
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6907 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/43862/creativesup/DE-SSV-SN-TakkoFashion-NativeAd-627x627-KW25-1.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
033e41b93aa2196f872217ade1947e46867a70df548e6c63f40d3c2f8051af58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
8095
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 6907 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/627x627-1.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
5ee344bdcbf380697cd1acc598ea5bf7c0c2f31fe3d3bf1443fc01441bd0828c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
9727
Vary
Accept-Encoding
Content-Type
image/png
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame AC8D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:17 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame AC8D 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame AC8D 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:18 GMT
head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame AC8D 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame AC8D 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame AC8D 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:51 GMT
x-content-type-options
nosniff
age
191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39260
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:51 GMT
match
c1.adform.net/serving/cookie/ Frame 0B54 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 16 Aug 2023 20:05:02 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 1171
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6671895379648701912&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6671895379648701912&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
481608a0-ad02-46a6-a102-488454b507fa
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 20:05:02 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6671895379648701912&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.136; 178.162.209.136; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame E3E5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=a6APOUbXUbtoMBmgfhVbKbKi0Yg&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=a6APOUbXUbtoMBmgfhVbKbKi0Yg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Aug 2023 20:05:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=a6APOUbXUbtoMBmgfhVbKbKi0Yg&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 2809
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268013674851530905&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268013674851530905&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 16 Aug 2023 20:05:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7268013674851530905&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 8C0B 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 16 Aug 2023 20:05:02 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230046-FRA
x-timer
S1692216302.084096,VS0,VE92
Pug
simage2.pubmatic.com/AdServer/ Frame 5876
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 16 Aug 2023 20:05:02 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 8F0A
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525887814035
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525887814035
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 16 Aug 2023 20:05:02 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588525887814035
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
mw
mwzeom.zeotap.com/ Frame E374 		95 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f7c4a304a1d18c9-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame E374
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:14 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:13 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E374
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=3602b2996ed525e92c2fab24c96b6d7a&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=bb1b73b341db9703
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79362f35-5a59-4786-4b3b-ef34ddf9510b&reqId=ff0169db-98b6-41c5-75f9-f2d3fbcfefbd&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELEMNoJBq_JCCuXYjGvlh5M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79362f35-5a59-4786-4b3b-ef34ddf9510b&reqId=ff0169db-98b6-41c5-75f9-f2d...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELEMNoJBq_JCCuXYjGvlh5M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79362f35-5a59-4786-4b3b-ef34ddf9510b&reqId=ff0169db-98b6-41c5-75f9-f2d3fbcfefbd&zcluid=bb1b73b341db9703&zdid=1332
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f7c4a416c8918c9-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELEMNoJBq_JCCuXYjGvlh5M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=79362f35-5a59-4786-4b3b-ef34ddf9510b&reqId=ff0169db-98b6-41c5-75f9-f2d3fbcfefbd&zcluid=bb1b73b341db9703&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E374
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a9c792d8-c433-4bda-8e77-53f3288eaba7&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a9c792d8-c433-4bda-8e77-53f3288eaba7&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 20:05:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a9c792d8-c433-4bda-8e77-53f3288eaba7&gdpr=0&gdpr_consent=&gdpr_pd=
date
Wed, 16 Aug 2023 20:05:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E374
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2658299185019424115&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2658299185019424115&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 20:05:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2658299185019424115&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame E374 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame E374
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:034d9e5c-865b-4bb4-b5fc-ef26cbf5ce15&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:034d9e5c-865b-4bb4-b5fc-ef26cbf5ce15&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:034d9e5c-865b-4bb4-b5fc-ef26cbf5ce15&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 16 Aug 2023 20:05:02 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
SPug
simage4.pubmatic.com/AdServer/ Frame B97E 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
googleads4.g.doubleclick.net/pcs/ Frame 10F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNQJPKc3Wx8auXrjhFgzGyrNA36P8l73Tu47Ummc_r3joyYTFz6Ii4kTYEHzc7eDAExWC8ybIBpgY3XXtBWIE-ILontNP11Tjj_SyFo3LLnl3T9OGaeA9v5hhCzOj4FAZWThS_dtvDGgVVNl5xUYZQ4qxgR4of5hvk0cxpHL2l2cEEcWgmVeA-gggY6mHofpixtWEHqeudlldH1WCiCHjrzuWSeBZW9eVUJj0pOJAH7aWxlAuXmcjF0mA7FwQ_-q-wtJEctxO2YhKqvmQbNt-So5jvuMUKd63ZAX8Pzj1bRLV16I8WApDxRybDKozvinVFdPtYoC2gayCZhCxQQCFCtA5YLSeI_AXaDzFqNMpSnRXWE0UJqpOruT7RAsbBnDxEL3mRKqgR7fCuf9J9ye7dCVnSKcKnTQsZ_EaWwaAJz7no2LW2QpoThdSADjOitCgAoMV1zGyrzDPQu_a1lJ0rxuaeLkIspuIUiN6Gwm9wTyvz93WPu-9AM1BjehL0NXqB95P6Cd2SNQFesTn9092BzjuFTkoyElYdqRu9gZ5s1M_-8T5xJGKccQGw_krCkWTIfz5thuP4o5c3hUR9LkSO5BRwgeb-j4bzTnu0jmpV88sqbU5qp9Y7cwxgI5d_qKhQhgIjXk6vSKsASJsufhovxUr1I5uDks9c045zCJCzYSY-oXh03PRDjiahv-19WO0JBRdGltIjGWcM4Ntt_CHzVsUwRipEIH9K4LWyWjzz9SXV_H9uGLOsTlea12kdP8cf4l3opreZBEVRKnsy4B8NRlPDl4i8lQXQV4hc4EH63InB8bIc4VNRpNuLYL56XEnIWYSeXVhchnP2VkJnIZTR48u6Vj1CKVu-wYZJ_C5Nobbp2OFoZbEZhXR-tampkScPLQYgW667O5XwVKXsV4Xp4DRsmBR0n-KuoBI0KfMtg-d2vQ6jNCE-m2EFFhvp--E_DDMUCNSIR1xjVFO2dTiXU6m_zhahG7A_o1lRo02LaMJxq3rpdR7-mfvK1dSscOVa4z2d3ek_ZtrwFj5DWkTPIcAlFBveyWeaPeVZn3y7MSggIOcY-qx9nXy8-a4XcgY04SZQ2M8ze4HBj8av41-UTrvZirR8LgmQS0Onveh7DwbdzKW2egbL5MG_Qn_uHklzxp1Uz1rC4sc3NEHb2vjw_iTnqqkkLTaKZMSSRBzhb9cxtHrNamMUy7i1E5QqnFX1Ou2CCprXyBg6SKufQ-77tEHT9I12aKUTdDIEaKBCo3Hh_AaOjNqEY4guTilg&sai=AMfl-YThJizJWmBHV-q3PnBzDMl_DPEKmU415PNVgEWQa_jji5PjDqZr3uUwl3XuhxHGJw_xLT--mUXBWx1fanIASzl6MV7w4oUqo-UgQAhMmKAAZ_wSLdaqgbjj2H1XOTdTscLxCLQbqq8_FbZEk8IziXWVs5aRTea6lFN4MAoC_iEPyN0OT_ZZ-RlZQwvfBDO7Jul-P8ZUhs565O76QKQZqVgXe9xJjrZJ_S7tWmTCC0Nz8PsneX01iWlZDw4&sig=Cg0ArKJSzBDBmDkstRMLEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=5165&vt=11&dtpt=1975&dett=3&cstd=3182&cisv=r20230815.63166&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 48B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuMA54aj64aoKuGeSlfMFztNowwIq4zUmvUx98FZRKzZ4STQ6GNOcKk64LRvTJ3iFutWIGU6KY3EWN0qxuMOJ0Np459p2HrMyLX4PfgXwVWXjoZmPJyR_NvjBznFw3Ej6c2V2sSEDKHeNJ2dHMC-zGu6no4h7Jf5j4i5rSkev8H8fYzqisl2LgrlvjV3FZBFe-nldqxBfPxR9bHjFLTBuSgZmSLV5XA4imEtIcq61Mt7RVYUUYQxEe_E_bLHI4V1ThxHgEKucJDD9tF2YEs7esFy0WIFzIw8DpbsGrdrnYVDzRPQRtC1gf3HW4Dsf2eRtXMaBVr8XDnlu8earZr9xSV37r2r6ZMoTzWI7IjVJFjSnFVtuetxD89ZniziqctnVM06ilx_JXu3FE_2TbvXAz6bKZCDfcwTiiewA5odGD6ep631XBPDF6O0VtCbvFNdm7p8J8QeHjmOPZARq9eIcfi4jbFCRug8wgy_WDHd4AxG-r3C2zfwkTRyYBMrzLDLbjO_-ZC-D8Ib312qHJhSI8OxW2XeTtihEVVeDEgdwZQdGqtrBqhAa5jLkc_vNnq8tqwcLvN54L9SN-xyfUbZ3k3o83WtTHTcnOh6UfkEU2ARcOW86f_Xih9qNwmDkQUKqGxBLA2RbSN4iISE3Qz89eb8WDW3CgNuJY4Ir1GQ2hbYUrz9U04drg4072P21EnMvuIzJhSIXf-wqmq9zQ3wRxxecx8wbh6WSVKVUTpRVe4nM45H0Otn_S0l5X_O_HjUHjslXrB1sxFX1NazSqB2ExuQzZs-Jo-4_C8svBXLpU7MtIMdNG9pPONV8jWHPmZqFu0IGP8sycl8yRCxWE6vqro9YYAyn8Df3xlRA7vkq6ShfFaTsgA-tYNbfWfejOkDvtxkXF_gMkHy-diizig9B7rfTNkcaEXbBsKU8W4zL9s-1jF6q7AwDDGWEE3Iuuz0AsWKnTvaj8glt5Xm_lKWWDrCyiFnc9XGWMm9ozLGpgxrwpllOmJkHbHE8RT4lDvgaYhzneV3wTSaEKPIsX4T54y6Ks2uLoK4KLly1ba5SaxDOylLeh1WNcQWmQerh8s-xQfNxwTj9iETWK4nYgQC6LiQUBoyHSK2aiQNjfVBeSehijs-mDACzRfdNMIGk7gtHFnX_BRC1U0JPYNj_QUoZKfRIoC9oXQb7Lne31FUljSQorSFvB8PaMb-CL0JW0p0EJsoVrnnRBOdKIA9NrFfx3RDB5BG1kJeyw20y9xMa1-meYYLIHtJySwPoWNFLYu&sai=AMfl-YR44_xCOd1a534ubdgVwcpbxkD12y8-G2QNrWQVkV5XcvYRYo4iRYlrYP5uS9cy8dAbGRYXUAUdHF1UBzVKSrHPfX4Fm1gVnIoFyI1Qa4QXcEChb9r18yg54Sjil3mtFjKKKpvayA1kLe0AE_A20dAj-cf-Tm9ra_0Oy5WyrUoDBsGrc5AvQ75sw2lBKncZ93df21Va7bHyF-B5nJ4-O28zuRKu9QPciF_q2t-2WaMKcPo9X1DU3a2zEEg&sig=Cg0ArKJSzHmFSH3IvURDEAE&uach_m=[UACH]&pr=8:CC217B09F7FE049F&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4570&vt=11&dtpt=1827&dett=3&cstd=2734&cisv=r20230815.67101&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:02 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=24c0530a-3aa6-404c-6755-872af1c21117&tv=%7Bc:lurMQe,pingTime:0,time:2567,type:pf,im:%7Bpci:%7Btdr:2269%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:21%7D,%7Br:r,w:728,h:90,t:346%7D,%7Bpiv:100,vs:i,r:,t:2567%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:2567,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2562~0,0~100%5D,as:%5B341~0.0,2221~728.90%5D%7D%7D,%7Bsl:i,t:2567,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2562~0,0~100%5D,as:%5B341~0.0,2221~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:784,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3*.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b3*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:1612%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=318492c9-d150-05ca-e530-6649e0e075f2&tv=%7Bc:lurMQg,pingTime:0,time:2519,type:pf,im:%7Bpci:%7Btdr:2298%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:728,h:90,t:304%7D,%7Bpiv:100,vs:i,r:,t:2519%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:2519,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2512~0,0~100%5D,as:%5B297~0.0,2215~728.90%5D%7D%7D,%7Bsl:i,t:2519,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2512~0,0~100%5D,as:%5B297~0.0,2215~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:781,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b41%7C1b5%7C1b6*.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b6*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:2237%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generate_204
tpc.googlesyndication.com/ Frame 55CF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FHKkkA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
request_content.php
hal900025.redintelligence.net/ Frame 052A 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
535fcbf128b88c0adb54864d8379e552454f9b2e6cfe09b7d8de6d9b220caefa

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2058
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Aug 2023 20:05:02 GMT
Expires
Wed, 16 Aug 2023 21:05:02 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame D7F7 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=62526000171264204444640012418025&pv=1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:02 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame D7F7 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=62526000171264204444640012418025&pv=1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:02 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
impression.php
t23.intelliad.de/ Frame D7F7 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1692216301&co=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.126.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-126-0.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
Apache
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type
image/gif
cache-control
no-store, no-cache, max-age=0, must-revalidate
content-length
43
expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 084A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:05:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D7F7 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:02 GMT
dc_oe=ChMIiPWc9_zhgAMVfImDBx2fjwB2EAAYACDE0qFbQhMIk-Dx9vzhgAMV2do7Ah2Qbgm5;met=1;&timestamp=1692216302209;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1B34 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiPWc9_zhgAMVfImDBx2fjwB2EAAYACDE0qFbQhMIk-Dx9vzhgAMV2do7Ah2Qbgm5;met=1;&timestamp=1692216302209;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C04B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseLIQwvHA-sVfW2syEb4LFYVU1ZjmKKu1xbWm-G2CdfQPfKPRKnQW1Jaqareq6Ze_gY99K7i3GlaDT5FllVujFc8GuaS0vTkDUjkY0Ei6-aWdO4nIrbaBxfn8ec-9uCMk6pca1PcsQBRqJ4Jfe5eoERVa9ob_LqjFvIff8cofF9b6K4ywI21Z_dnoGUFSuq8Ip_s4GjESz1j4eMcn_brjYO9G7x1sWEjUc-XfMgxT9UlzekCOLOv46g-fqJyi7lRmS8B2ONT6e9TSJ2wcN4FWwe0X6mqWD0QD74JQbCZtuspHOAA_RTQ3Rc-UNcvQbCCyWlrTopyg592qCKI3DHBQ&sai=AMfl-YR82tmZm1Tu6qSnVEpa7vNLogURGXOeabyQWT3ADOZIYcbJr9Vqag56FyDO4-72f_RWiCWmu94PUwRVYpqUc1K3jFuYOpSMrpqHB4ej-Dr_IqXUS2sz3iEtk7nOSOg&sig=Cg0ArKJSzDfVg6E37RxbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=eb0e1b5c-33ed-3dc1-491f-125b49e9ab9d&tv=%7Bc:lurMT0,pingTime:-10,time:2104,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216302329%7C%7Cfdb64844db90a97cf71a1d1ae478d976%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C79ea891e0068d9b4b8dc3091cf2a7f8d%7C%7C6d3d80e00482923e81c2e9813d1b30e0%7C%7C09f0eef82ad8c4ae4ffa28284173dd97%7C%7Cb772e0311d290f9540e614a466a5da7c%7C%7C989729d11f09e7a14183382b9a31e408%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=318492c9-d150-05ca-e530-6649e0e075f2&tv=%7Bc:lurMTD,pingTime:-10,time:2728,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216302368%7C%7C18074e350703c790614578e9e7f4835b%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C37aaa82856b84642860cb2bc6e97e173%7C%7Ce446457c7ef65291c7d6041e4b3019b3%7C%7C9e5a7e26758e96af34837d215ec710ed%7C%7C25404f2b13408f0b28f993598ddc131b%7C%7Cfeefff879ba8c359fe13bf7d7dc0ee9a%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b7e091bf-dd0c-e5ed-f46b-a33ec296f444&tv=%7Bc:lurMTO,pingTime:-10,time:1937,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216301145%7C%7C665787836a55eb3857f33243cfbfc18c%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C3637ac3185890c2ed8e560e6e078480c%7C%7C23b2c33d9beefe59a25f71f9e2971584%7C%7C4d1b96411a40677fdfe913d56a4b1d8e%7C%7C94d7fec7497f717918190062ff502019%7C%7C5370f67e656c0536290fc432b48c39de%7C%7C1663701684,sca:%7Bspg:6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c72c1798-7894-bc5a-cbb1-25f85dc8c3c8&tv=%7Bc:lurMTQ,pingTime:0,time:3113,type:pf,im:%7Bpci:%7Btdr:2812%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:36%7D,%7Br:r,w:728,h:90,t:1778%7D,%7Bpiv:100,vs:i,r:,t:3112%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:3112,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3106~0,1~100%5D,as:%5B1772~0.0,1335~728.90%5D%7D%7D,%7Bsl:i,t:3112,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3106~0,1~100%5D,as:%5B1772~0.0,1335~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:920,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7*.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b7*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:37,sis:1799%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=27e42e3b-393f-932a-e90f-01b28cd34846&tv=%7Bc:lurMTS,pingTime:0,time:2934,type:pf,im:%7Bpci:%7Btdr:2676%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:877%7D,%7Bpiv:100,vs:i,r:,t:2934%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:2934,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2928~0,0~100%5D,as:%5B871~0.0,2057~728.90%5D%7D%7D,%7Bsl:i,t:2934,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2928~0,0~100%5D,as:%5B871~0.0,2057~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:797,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8*.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b8*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:1633%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame AE12 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3de29b0a41a45de6a5fa29ef3e52e84659160b97d3d087c3e15c55679afce3bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
Pug
image2.pubmatic.com/AdServer/ Frame 2589
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEN1pVN0p1bGdBQUNRZ0p0eXIxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAD7ZU7JulgAACQgJtyr1Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAD7ZU7JulgAACQgJtyr1Q&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAD7ZU7JulgAACQgJtyr1Q&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2908516355434517834&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7ZU7JulgAACQgJtyr1Q&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7ZU7JulgAACQgJtyr1Q&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 16 Aug 2023 20:05:02 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7ZU7JulgAACQgJtyr1Q&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame 918E 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Wed, 16 Aug 2023 20:05:02 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-6
Pug
image2.pubmatic.com/AdServer/ Frame FD76
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8c459b38ab1d4f1288f9b87817b691b4&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8c459b38ab1d4f1288f9b87817b691b4&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 20:05:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU8c459b38ab1d4f1288f9b87817b691b4&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
Tengine
Pug
image2.pubmatic.com/AdServer/ Frame 3B2E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8984347487968648637
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8984347487968648637
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8984347487968648637
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 27EB 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 16 Aug 2023 20:05:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame 80BE 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 16 Aug 2023 20:05:02 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-25969e8472eb@version_1.566
X-core-time
1ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame E8DE
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=jtpdjcoedhb5
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=jtpdjcoedhb5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Wed, 16 Aug 2023 20:05:02 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=jtpdjcoedhb5
lws
38
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 66D8
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bb1b73b341db9703/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhbhTYhYWbQhRTaY&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhbhTYhYWbQhRTaY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhbhTYhYWbQhRTaY&gdpr=0&gdpr_consent=
i.match
s.tribalfusion.com/z/ Frame 0F7E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f7c4a3369ec9b7a-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f7c4a322f9e9b7a-FRA
content-type
text/html
date
Wed, 16 Aug 2023 20:05:02 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1294
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B97E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 16 Aug 2023 20:05:01 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E114 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1839285118876494&correlator=2200114129167598&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=15&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216302402&lmt=1692209102&adxs=353&adys=797&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=clhcy2d2bxg8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=256&ohw=0&ea=0&psts=AOrYGsm-0OXyEuOXTC5UWWH66nO-EkiTHK48E8KSXNTLx1xGxU2Wq2-CuMvCh-GhRTjXZiIlJ4Kb8s2ZrnV5FaVYHTnqm3id%2CAOrYGsm1uVK8A0SQZoW8Qp0Cia9_FLHzWqg58fQzLWihT1oes8iq4-5U7L9UTZvzKAHpbT1k7X8aN50q5kpxYQZy7Q_T2F2N%2CAOrYGsmDGf1CjEetEFG2p-gcpfC9f2MdzOOj__a3n6f6c96ZoH2cXSU5zG5QzplBXkfXC3OqGgnjcA1x9Nf2U1JtPErxbtwCJvsJixw%2CAOrYGsmDHXJbUZNtKNN2p31MOviyi84NEbLz06pOZQkunX2SZ_0uGWJBo5MWl5RiNXqSmhkPaem0WqGsGc-WVmvKNhqcm29i%2CAOrYGsnq0XaE0XSspKQE_PtQBrN3PR6y2Sa00_w-5WDj8uTcu-OhEVuaBbP6btBqkwB8SU-ow3BANDWdL6rsMNvhwIGJnPJi%2CAOrYGskBW010C_H7KUk7k6XcsJwtyVMRKs7OeIVKKzqQDs5X0YeOSBdtHz8B5-4N5TSrsi2wS36MhlXyGS1yeozugsvenxE2%2CAOrYGskhYIYjxRI3EkacpHNESJHc_RYjZmWSgA3avKmw4LcDXeGp4HfwJJwKLWvOxiYb2MPFfYKc9Dnz1SwPG0NUPy3slY2t%2CAOrYGsm_RMzrNYn0lL4BIC_CAGowgTOAX3FeqvnzqqxWAQSngpGnXa1vF3JMp5Y1RzUbrP5UKzT2FS6rghYngS9y5U0jiXxv&ga_vid=1630745151.1692216289&ga_sid=1692216292&ga_hid=1354096741&ga_fc=true&dlt=1692216289999&idt=827&cust_params=domain%3Didrlabs.com&adks=3215044782
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5f202cae5fed5a94f7c15ced7477f68996064f5d54b601c362929004bfebad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11672
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346190
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A07D 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5800996614959&version=m202307240101&ct=76&x=8&cor=3995582396244411000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=3572178489060078&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216302426&lmt=1692209102&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=2renkpq1bk4d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&psts=AOrYGslvgyXu_RoCUNuwkeEVNJp809JecMoNBLCSjyTWe3Eeun6N82bqNv5372f3SJbuWe5DN0kuJ5T5uAWVIJyyJlOfKLe6EZ8ARWE%2CAOrYGskYQl7f0xsff6kZp7OyS1uAqWqFGeZ_nxa9wnlYJaCarSveZ6LeIMekrag2U5AE5FMdpx2wwSfT5RFZjwve9ARHumATUrhh4nQ%2CAOrYGsld1JjDTOK2HKQL1wnotuVNFIJSxvKBij91ds2_lRHbgQ_vOLvL43EeumKRCfWoQ4IgVg8-uKtI8fhnUqcSt4HCpRHb428EE-Y%2CAOrYGskfn6fII3u5wlLIjvQj7r2ljw-fAjI9he2ka5zzGo8BEstGmCHMM0OY8dOpVd-dN41wC38LHS2YUKl7kMW7-TD3l-Lp1mbSoAE%2CAOrYGsnEOlSOmKvSxuEqJkjwntuuhPh7FAltRQ968fab9v63WvU0ICpqLg3Ysv9wDvWgR09X6JGktVZwP2vlHDvm8rZKutLF_54WF2c%2CAOrYGsnN9jMwn435SUR705HA-JJWETYHAH02yEL-2Nr6F1hIL5xHijsApxw1SZqUQl5uQZa_0oFrW2XvuSVgZrnXiX2J2oCM9qSeTck%2CAOrYGslmZrtspbpZyqVD7zWsiNUFwXReUOYyg9IdkrYNbJaagKxjo3fxgKqxJRIo1qj3A1CZNzgX0btbewC19mx2HDI05fyich4gn9I%2CAOrYGskIRYEjGLBdwutEJOeMLGkX-USL7ywC3GluRbrSBF1klz3RQrMSwcaxMyDu5SP27zsY9d4EtAHoOjAltBv5_FjfMXx1V8uAris%2CAOrYGslVQm6SZH7O46Emc44Oo_6E8z4c1Jh2uYwcbUNLWw4LyTQeF_lFY5SfDD30gsGJP9o175pcrZf7XWTvHmSQBTYnFnFk&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.04%26hb_adid_rubicon%3D178447a098deedb2%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D178447a098deedb2%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=2445953488
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f3dfff639c0587b38d1cdbb79c5abf7fe9d1eebd5464bbee5802233526d5b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11645
x-xss-protection
0
google-lineitem-id
5111853547
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame A706 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9601 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DD3E 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171372449&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209102&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216299770&bpp=1354&bdt=2702&idt=2699&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216302&ga_hid=685700440&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=1233984899&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C31076469%2C31076877%2C31077148%2C44798323%2C44796312&oid=2&pvsid=1131171187450178&tmod=436582539&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.14dp6bm952cw&fsb=1&dtd=2712
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 5363 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 3AAB 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 37C1 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171369432&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209102&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216299752&bpp=1608&bdt=2751&idt=2838&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216303&ga_hid=611266150&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=3950297984&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076877%2C31077085%2C31077148%2C44799568%2C44798323%2C44796312&oid=2&pvsid=2736541321062988&tmod=195289885&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.oicf93c9xiam&fsb=1&dtd=2845
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 084A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18674
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
css
fonts.googleapis.com/ Frame 052A 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 19:14:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Aug 2023 20:05:02 GMT
/
hal9000.redintelligence.net/scale/ Frame 052A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
2cb45815f754fe55a08e8c2f94e04d0be447821052f7594c7b6d5bebacf149a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16840
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 052A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
1e90c5a79750e87bc56d05a46dfba04402328d78355e93dc3fca8b37e508adcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10941
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 052A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
942dfb95fc252b80582ef8de17048931e3020b85643fc7ad1bbe2122190a1847

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
10144
Vary
Accept-Encoding
Content-Type
image/png
bl-0211e21-432e39ee.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 9DE2 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/bl-0211e21-432e39ee.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c119d2ad7cd2fb23e28e972882ea1df524336068f1d9dce11dfa25cb0c10124

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:57:34 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
KJNOFQ4cor9tQ3oquej3Jr.xW9DWpvCd
x-amz-cf-pop
PRG50-C1
age
4049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29071
x-amz-meta-git_commit
0211e21
last-modified
Wed, 16 Aug 2023 18:37:11 GMT
server
AmazonS3
etag
"ea49262f3f1d76ec09e9d58914510d14"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6TTklawxXTskROg1IUrgEpWNhplyEnVviYGdrHjqLHoZGiyOVvTpwQ==
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 9DE2 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
MW4BGdt9lTNsUv60U-edYytm7VQ4lYCcGCgtZazTlwSrdqwjey-3qw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DE2 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6oRkjj81AuRVpTxK6LJRS9fDBm--ZzK1-Kucbv8huaoEYb7kglTXouGUEi72ygZjz5rWdzz-0dY2Oh-vQiaO3sSPirZm38x5U6cj-IV2D3d-MBoI
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DE2 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1777022829310268100&x=1&ct=76
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9DE2 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 9DE2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
5395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 9DE2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:35:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8262
x-xss-protection
0
server
cafe
etag
6392178368060142121
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 18:35:10 GMT
l
www.google.com/ads/measurement/ Frame 9DE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYbWigat56TM2MfVGgLIjSlD_VgfHUCTUZN-VAtSio67BXKWrMSJUOMiE64isvGPRVGIWN
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9DE2 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:02 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame 7538 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bf71fa7894fee5dbf8ac3f5e2dd2f594d75345bdc6a65b587227adf4257bbfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128228
x-xss-protection
0
server
cafe
etag
6834322400070177045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3C26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMs4h7jBxk3zRYXFxSDoQva2o16fTN_g_tDnIrz8T-xYXBPr2ivx18-lKWqljxYgHml4mEjsDw8ySB7UZ33LboaerdMT8dBJzRlvA64ad6L3AHxyImuN4eO33PpKMQqPhVSE4qOIwk0BSE_CpTbE64NswJWPZ-mwQOJSFn1lR64i3-fcSa_sLMrxEfsn5R6403aD4d5q8ow2hoXfMdOZrFZaMUBo_FaLjBkFho8EM-f1GX8yfw3zmbv73jDUpnkROS9I6mJABgZAtn_WV4eXd9SYv9ClFluvGGucCGA5UOXFDMmO1hOPChRRIhoAz3sIyMk1RBmNs90zyqTHX-W4N-lg&sai=AMfl-YSbKvDvHLTUya-YjEmPjZbIilYQK3l2pmHtyn9a-EjATNjh3jo5kq5Oijc4rOfwY4M--z2tdtmop-6u-AmB-i9-tXb6xM9PY_Fbv_tJQCJMw_2ofQpNzUQuKSLb1D4&sig=Cg0ArKJSzIpjVStvMBhCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4954 		502 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGNzY8O8BMAE&v=APEucNVXcimQCkrcVzD4KAA1JsZAlOpRT7EHpN7cSQ3gSbpRdB9D8qVQ5871WDcrAe3yYPMZOmfSKRafdw7GDQXAMqP01cU99NmakTJuOlyfAFkSMGxPYIupxugvwqOy9Zv1akyFobXOVbE0vU1H4xl_AaIvFH1AvjX8GrT7bYcsx_N7T34Fq5g
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bc6fef827aa7f88d62e98cfd829fb47732fad974b68bfc79716d492fe1bb4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
220
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3C26 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C26 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCXeyJ802O2lxqx77z2n7K3xPUDC6UJdpn7TTU1c8FqxklFX4x84krHW1-Zj6LGBGwu6Bw4QBv-zJzsKwOSaD2YCSRCP88EccbOnk71qpKPLhdSxI
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C26 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15813164158791599350&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1d596cc2-c8fe-461f-b2a6-ab5c675d79f2
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3C26 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/1d596cc2-c8fe-461f-b2a6-ab5c675d79f2?oo=0&accountId=24022&siteId=409990&zoneId=2299318&sizeId=15&e=6A1E40E384DA563BBCE7E0F58E9FC69C0A5A5D9C54945C6C6E181087D30EC93386CAAB2063DF0DD336393AA7D58D411A6EB69AE2A0CA654B23DE48ACE5C9044BD0CE67F956F47DF03746AE4E2874436F3A2934AE2E9D7C067153A1929468C60D129F04E9D2C971CBAE63582583F4885C3A991B2460795215CADA42A24D36DAC769A8906358651F33B0A4C32297B849CAFF34A6ADA299B112E266B4447EEE8ADAC7FEE63E08C74FF29368333998FB9881E4AA3487A5951A49E82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 48B5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvnw70KFQG6lDdfm19J9OeSat3VtYHitS8Gv0fMgUgxpjr0VsNEB7bL6oT-fi0vUpOyKktrDmEeGykKgOGKDo2D4MOEXLHytqUpCisYQIhJfI&sig=Cg0ArKJSzGMKpuUudRygEAE&id=lidar2&mcvt=1522&p=0,0,90,728&mtos=1522,1522,1522,1522,1522&tos=1522,0,0,0,0&v=20230816&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216293296&rpt=8081&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900010.redintelligence.net/ Frame 6907 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=64536700147702304444640012418010&a=f6585f2e&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:02 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
view
googleads4.g.doubleclick.net/pcs/ Frame 498E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9vKqzxGkluHhB_Q021yDpn9EvOExkdnlmebSSt9h7eTjtEOcER9LnGfjgfZwac1DyuF0shkmsV27cbrTJHUUE2HNk1R7snXvSiLFD2kMjwEAEO9aqNS7LjCArdkctqN6VOW6MfNVaIMBP8nkyhpzbeRJO0YcULNLsJ7IUV4voSK4_0Jj78n-9nitoXxWZbjKrK5XwJWFB8CWKl2jWF4E86mxSRoSkoUJnKB8x_SsNvtr7GALVbgiavrz3FMA4CnAZ2JOAMKE7pDqBXJwwHONwsnghxof1QGSBhSyobZl9Vt2FHHianRCzKef2UZq-AUobt5slctlTup_rNZX283j-dEgb9qes1bI59UEwb2zYAtcyGQokUdAkCFDFgbkXl-Asj4qqyjWIzZFw-7NazolR1aYNm6XGG2b1GO-7KelRcjd2rcXaTFe_0GJ0Luwz5hWTaGb0qZO8pjYAtBQ528iaADJdaDV_0aLqvrDnnYPBXxrr--asucPp6anig--iPvL3sxzEkb10SEsTZ_Qn4TSkEj37VkrkT_O7bdWkDcYO48cTW4Vo93KXPMgJwabT1-fH2lU_7mz71LhC0zdApHs5479AIBKgkGg97Wen-sX52EkJhlsyvQIx4L50lduaP9C5lFw05v50Ad1_UyXHGGSqraN5BnoE8fdRkuJsMxVb-1jh3VFyyWONfmdyYwKZW78hbAi5FYy0h_3l2p3GfFyXyoowhWqNsJT_KIX6qvsNo3xn9TOfoc7NBdl6mA2t1gx3tQJ_vUiRVIYP5bzQeZb9esGT01gYtFXylaFy6zcfshCIg9kWlUqSG1pNQvbjRUJNuwBdzqhUq2JqGy8bzd6d8fUAiXjaZIFmXHdRMqeAU5-YJu5LqkYs_wo992QWpsF-OEFIWuLo11kJlBTwzyomPVL2cUAKjcvOLbRhH0JXxTYQelvTaSrh-Ydlww_YqGRJASZ5yKL-Oqiz4uJM8scZ4c-vQ5R7KFjYKqfsh7y24GLBhQeVocb2JimswhlnXXLdKf0owtve5AkJ_dKZfaGhHHKnLtyhJX-3qX3mxT4hzo8291OozZYehjZsuNu4BEGJPP2ntTRaIqJmAUEksAfwO6nejVEt98dKL9IG57hTRVUqQCWO8nVvMElqZNTSiSmOc92VLwhnotK-sWJbMAxwQbgc5HnL2T_Lpgy-3vlBYMCb90a8iTuvaItlCSg87UCePi85-3tfOCnNOLR37asg_0WNLKWxLkdmMXhM3jQWyYP92WACCQgdk-iqk2t5&sai=AMfl-YRdVLIFaZpuRerZbSZnXFSk4MkyO-dF0j6wWTobtGSJZPP3vbya2eWPRwvXCNuYk7bsSvtmWbD-TIRXwGz0BJ2ADXvRfqzMSo1sPUTwBXeDmbEOl0ycycU5mFtXTDtyQdL-zOHwItXK98dYjmhAUo1fh-aQ-v3Z4g-Bvxv1BN3Zr0XpTg9Xl5XCLr6Jh3e16PFgKGgsxf3KrLnafnRCNhR1OzCcVBrE718LwdSONxI8AsKVhUeACN7WlBc&sig=Cg0ArKJSzDyyhUsowngeEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3967&vt=11&dtpt=1905&dett=3&cstd=2052&cisv=r20230815.06254&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:02 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 143E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1642 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVvfCqQWz914Yly79piHllwnxkhZ5btKPd3-FBTsOhDHhXAnFY06A9CJNW-fHqxR8fRbZ67vME6cZuCseGdM5Hcsma8aFsRJk9Jrxe3_vqwrU&sig=Cg0ArKJSzCuJ0h66I_sdEAE&id=lidar2&mcvt=1488&p=0,0,90,728&mtos=1488,1488,1488,1488,1488&tos=1488,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292633&rpt=8855&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 937B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BRRJfVe_jtcWc-rdLo7jpympZTMe67I-8MHYj5gxMrWia4FLZLTbEg==
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 937B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb25f0912c8bdd1798908235d08153422ee919610c60dae3cb647744753fc6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7913
x-xss-protection
0
server
cafe
etag
18061389333922784887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 937B 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:03 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 9EBB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:17 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 9EBB 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 9EBB 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:18 GMT
head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 9EBB 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 9EBB 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 9EBB 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:51 GMT
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39260
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 705F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnEp0oMQCzuCGqCNpQ8uOmUVnVZWbp4dgoJ61IE-3E-sJZwGRwxr57vtdqIxjUNNFObPrhElQRxazm5_ch17Vb_C1BiljFOCeryy5jC3Ebl1D0SgDc-ufZaeJCw4TRYnU-88De0sKrBail14azv-rRS_3GFk_H4hxsOKjT2cTCORbmfuizzCuCfJVcaNTnBaOOJqhz8hzbk0FPK-_GuzhErkSu6jVDh1t35cWvJGTXovMMFX0Qo4u9f4a-JctISypx9YpDSpOikN4lzh6whw2RPyDZPZP0CiGQsoIpG_gn7U76EWnhtXvsJ3FRrBOikE6Ab89R5uD9JrOVVntHqNMHELNCBkXWJ6KVsIs8OA8vR3oZhjMQjgxnxcSOBf92HfcUykhm71MEPqUM9u7BWMFtZBTkLO8liHtnpTxF-jju4GCpMRV8H5YWUjKJ2SegaBl9TCp2dfA-kG3r4sKCAQhqwhZ3GoCqgeqAjLNmU31tLZ0QVBSM7-95AIBlvK9OUG2ko2pioqtLPxaxP1mf-fBwBBG1vDLSgU_BYkdhQqBNB3iYeUYFdF5wPIbZYBmLHUROMWIXKwKAXegxN86u98BGOVC3UcKejxV_7xcQVL7c3tVEBVv949Q-DnuDbabBwlNrxoCD9ExHnsHS_orL7lO_HbZWeVCoVQ1dUWwRbv7T-LmBWX6eqUfSEnpz66DnPtC8VpxlzgSNeN9tClLCSYjf1bEfadLroXHX5OG-jZnMMsvnAmbg1tVY2T6pezZEyFel5exZAzY68jcZx2bg1w1rwkZMrsNFcUymiO10IqCfiuC2msD-l2VL5Z5bBowML37tvgL4NLehuZgCNJlN3rWq0w8my7XyfVBP2fk6YhQkgp6SssBjH9m1dIZ0a-ZInUtFtlZMUVAukkH3AX2EmUMDuFlHxsuW1HTYUXeLqkRrHqhNdveRj0gW8JJewYJTnhtTu0fGZPmUaKckOyqzEtNVioUBs8s6OATRw2ZB90ITY8XE_1sXuv5_rLPOLJyJHsmdX4_ljPPxkcKMrxrVMACB94MNa1Av3RulBAjs7mPgKfexnAbanT1KSomjU-U-96CQQfuemhtmXAZXDFiTGd3qYdR1GfRjfdhXQhkh2zA6dqtpQgJI8iE_kFrHPN4sCE4qjCr9J0Hif1z2Tq4A_xSzJzGZti0lSYPB5QsrvShM546ghJWo0iedXU-R6ZegriF9NyYeTkrRw0XAVZEd5OnhiYgw5TH7KGMBn3BXVCaBJFTslMqg39TTS3LUKVhi&sai=AMfl-YSZTaiGt8bUVu6BX5jNl-YQS0kblphZ7GeQw-djZf2vfUhzg3hYO07Yfuo0qyQwG3WR2ULlQSGzI8P2x3PKakBy9L_PJ6cCvcfiN22ax63LM5CAz8hcnWtI7vgTmlLf0IVi0fkzSo3HL71sFdjNr1Ak7VYIYz4d2WCxGfolCOmYWoiLjtjIKSc6pOynIlbDwzSRew9ILtuqZQo8GqeXnjScjk56HHXKackH5ZCxa2C3zK190eV4BRFv004&sig=Cg0ArKJSzIymTMHpPx8GEAE&uach_m=[UACH]&pr=8:F7FCD69435F0D2E5&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3948&vt=11&dtpt=2014&dett=3&cstd=1926&cisv=r20230815.61628&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5F67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfmmeFEDPiaUVaxVP4MZKRNa-wJwjLE_DXaB2rK3fDxTPl88vxAbT-aOeWUm93tbW7nSkr9hoQV-MHwwhTTHkMfXxvyMCIPv6aYmCsBwk056n7J_wXVO9vveMUIUD4J5UO8JeumJMUnp1ZMKrDRWKolrtIYuXw1j9bJYkTJFJnrljc3Rd_FcoJX0GbOHibRFsaq-mBrRJIToUetul-JGUqMZoeBXcSYuQhA5UTKTQhvsM0yx3QNwixZ3zOck01bcaurIQISQOLk02dOefLU5npBuzidxu3RWiPSnEVHa0d_30NFqal19YIfeEADny_8rh1DzCqNzL4uO0tjXu4vASB7Q&sai=AMfl-YT6WVY0aMMVv8r3p161BGwPyfl9Fqw8lkRfwmK_NUDbndHruGG9-qT6Fdq6DXTPgtpbny3Syr2Uj_7_oHCQxHknLSU07tzNSfBZcQd3QXgED2t4DG86g86za4-mReo&sig=Cg0ArKJSzKJfoRjMLYQ0EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5F67 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25adbaea9758142daf4d0be260e1be3b19b540b5c0a36977a08e653c1e3c3913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11722
x-xss-protection
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8&tv=%7Bc:lurN5X,pingTime:1,time:5507,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D,%7Br:r,w:728,h:90,t:1605%7D,%7Bpiv:100,vs:i,r:,t:4066%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1441,o:4066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4061~0,1~100%5D,as:%5B1601~0.0,2461~728.90%5D%7D%7D,%7Bsl:i,t:4066,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1440~100%5D,as:%5B1440~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:862,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2*.987057-61527017%7C1b21%7C1b22%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b4%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1bb.987057-61527017%7C1bb1%7C1bc%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:2452%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8&tv=%7Bc:lurN5X,pingTime:1,time:5507,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D,%7Br:r,w:728,h:90,t:1605%7D,%7Bpiv:100,vs:i,r:,t:4066%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1441,o:4066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4061~0,1~100%5D,as:%5B1601~0.0,2461~728.90%5D%7D%7D,%7Bsl:i,t:4066,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1440~100%5D,as:%5B1440~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:862,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2*.987057-61527017%7C1b21%7C1b22%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b4%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1bb.987057-61527017%7C1bb1%7C1bc%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:2452,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C04B 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0afd9143ce89fb191f39969896914084d223d3048a2c24493fb56ee32414dfb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50796
x-xss-protection
0
server
cafe
etag
15325323702593381032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:03 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 54ED 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:17 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 54ED 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 54ED 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:18 GMT
head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 54ED 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 54ED 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 54ED 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:51 GMT
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39260
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:51 GMT
truncated
/ Frame C04B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d408257fe4d4de006e63fd03d7c0af3a8ebf602fe2dfdd117bd7d7222f184e9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D7F7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ffe2aaab1bef4604c7a662868e7fa4293112f762c706419c72cda3f8805fb1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=24c0530a-3aa6-404c-6755-872af1c21117&tv=%7Bc:lurN6T,pingTime:1,time:3600,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:21%7D,%7Br:r,w:728,h:90,t:346%7D,%7Bpiv:100,vs:i,r:,t:2567%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1033,o:2567,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2562~0,1~100%5D,as:%5B341~0.0,2222~728.90%5D%7D%7D,%7Bsl:i,t:2567,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1007,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3*.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b3*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:1612%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=24c0530a-3aa6-404c-6755-872af1c21117&tv=%7Bc:lurN6T,pingTime:1,time:3600,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:21%7D,%7Br:r,w:728,h:90,t:346%7D,%7Bpiv:100,vs:i,r:,t:2567%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1033,o:2567,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2562~0,1~100%5D,as:%5B341~0.0,2222~728.90%5D%7D%7D,%7Bsl:i,t:2567,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1007,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3*.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b3*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:1612,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=318492c9-d150-05ca-e530-6649e0e075f2&tv=%7Bc:lurN6U,pingTime:1,time:3551,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:728,h:90,t:304%7D,%7Bpiv:100,vs:i,r:,t:2519%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1032,o:2519,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2512~0,1~100%5D,as:%5B297~0.0,2216~728.90%5D%7D%7D,%7Bsl:i,t:2519,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1005,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b41%7C1b5%7C1b6*.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b6*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:2237%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=318492c9-d150-05ca-e530-6649e0e075f2&tv=%7Bc:lurN6V,pingTime:1,time:3552,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:728,h:90,t:304%7D,%7Bpiv:100,vs:i,r:,t:2519%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1033,o:2519,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2512~0,1~100%5D,as:%5B297~0.0,2216~728.90%5D%7D%7D,%7Bsl:i,t:2519,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1005,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b41%7C1b5%7C1b6*.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b6*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:2237,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame FB3B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGXlY4HJyLln7BjnZ3EYHq9U23ga54pdD9-to1P1gRI5kXl3YJlbXxmTwTxyDeFzeecEGkRxsSoDskHiRhy2BJ0lM3xdFlBG7Y1sFiA2ZWcy6yw4LiVKRQ48HyF8eNV-5ZubvzGriUVryssChvfJGz_vq4gyrty2HhiIT5-2x2NwkWyKguYUVKng-AifbBytbQkMhh2WGYiiVBZ6CxRdhWvRNFx-OLFlKPtxXWjc6edkIj5rWzTJ9KF3NLhfrBhPc9jd_7YM50JQDDLdxZoZUixcv-4eqb7wckZinZvDXSVZBKY93XggO2CpEuI4Oo62Hq4gCOnM_AmvDMvJgB5C-tUg&sai=AMfl-YTLbMQUoFPpKFfHh0Mxfqgrjtgylib1wOLmcMMFkhj_zd5th4QNqbTMYU_SGLmRL4zxAOVnWQ-DFLbPWkPGVie5ubjNU86G254uz2yENx8PDp6kmY1IwZQDYcxwqqk&sig=Cg0ArKJSzJvvW4iQASD_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FB3B 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af4b89e59d792f7f7fc336724d6fe2b5f1da9020c7bbdfe21bc98059c3cd7e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11750
x-xss-protection
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=eb0e1b5c-33ed-3dc1-491f-125b49e9ab9d&tv=%7Bc:lurN7h,pingTime:0,time:2989,type:pf,im:%7Bpci:%7Btdr:2699%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:728,h:90,t:838%7D,%7Bpiv:100,vs:i,r:,t:2988%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:2988,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2979~0,1~100%5D,as:%5B829~0.0,2151~728.90%5D%7D%7D,%7Bsl:i,t:2988,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2979~0,1~100%5D,as:%5B829~0.0,2151~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1030,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1b92%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb*.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bb*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:31,sis:1555%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 10F2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGX2kRgSL4r6Gy4cLin5hqOKO-ZQ7nnI9rkRUWsKirrPDWYJEf7Rz6oGH2tgep822D51Sawwvmd3X7nJN5UFmWu81W-m4s6vsFrXTo34W_iH0&sig=Cg0ArKJSzO_lkNiRS2Q-EAE&id=lidar2&mcvt=1387&p=0,0,90,728&mtos=1387,1387,1387,1387,1387&tos=1387,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292974&rpt=8772&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1642 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3204263294086&version=m202307240101&ct=76&x=8&cor=4029020945664093000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 77A1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:17 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 77A1 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 77A1 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:18 GMT
head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 77A1 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 77A1 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 77A1 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:51 GMT
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39260
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9576 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4EtoEnxpupsKP250Cikc14B5yTrKkpau-84DnRoOY0lmVJeSTN3aF2x5HTBBKILGsa2f5NMWKiCpoWuPuQsmu3WNbGC-3lMQV92cbcK-GE7s&sig=Cg0ArKJSzEq8cf5_Tp56EAE&id=lidar2&mcvt=1297&p=0,0,90,728&mtos=1297,1297,1297,1297,1297&tos=1297,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216292929&rpt=8929&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
googlegdn_sync
x.dlx.addthis.com/e/ Frame 4954
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_cm
  • https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBuBWCbchasBSg_HhmCPLyk&google_cver=1
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBuBWCbchasBSg_HhmCPLyk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGNzY8O8BMAE&v=APEucNVXcimQCkrcVzD4KAA1JsZAlOpRT7EHpN7cSQ3gSbpRdB9D8qVQ5871WDcrAe3yYPMZOmfSKRafdw7GDQXAMqP01cU99NmakTJuOlyfAFkSMGxPYIupxugvwqOy9Zv1akyFobXOVbE0vU1H4xl_AaIvFH1AvjX8GrT7bYcsx_N7T34Fq5g
Protocol
H2
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 16 Aug 2023 20:05:03 GMT
pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.dlx.addthis.com/e/googlegdn_sync?na_exid=CAESEBuBWCbchasBSg_HhmCPLyk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 4954
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJg7BuXIGZ0UlVGET2t7dyQ&google_cver=1
43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJg7BuXIGZ0UlVGET2t7dyQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGNzY8O8BMAE&v=APEucNVXcimQCkrcVzD4KAA1JsZAlOpRT7EHpN7cSQ3gSbpRdB9D8qVQ5871WDcrAe3yYPMZOmfSKRafdw7GDQXAMqP01cU99NmakTJuOlyfAFkSMGxPYIupxugvwqOy9Zv1akyFobXOVbE0vU1H4xl_AaIvFH1AvjX8GrT7bYcsx_N7T34Fq5g
Protocol
H2
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJg7BuXIGZ0UlVGET2t7dyQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 4954 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGNzY8O8BMAE&v=APEucNVXcimQCkrcVzD4KAA1JsZAlOpRT7EHpN7cSQ3gSbpRdB9D8qVQ5871WDcrAe3yYPMZOmfSKRafdw7GDQXAMqP01cU99NmakTJuOlyfAFkSMGxPYIupxugvwqOy9Zv1akyFobXOVbE0vU1H4xl_AaIvFH1AvjX8GrT7bYcsx_N7T34Fq5g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:02 GMT
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9576 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6741783178147&version=m202307240101&ct=76&x=8&cor=10526078154435510000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 26C7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:17 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 26C7 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 26C7 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:18 GMT
head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 26C7 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 26C7 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 26C7 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:51 GMT
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39260
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5C1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZWMq4RiRrJGgN9r8NYBQlBeQG77OOrq6P2eW1D5v5-CYTVj_JPyE_q6WzvV5-2e4XUfKBfQz8O__MgdR0VbhBpgpCo66stdJNCkcOrBTB0xWPE55PbBnt1KLn7GnRcFarDx7ZgEXXeI01TJmGETSfWfsePD8ewdnn0p_yivQqzvINRczqGozAJa_E4tKKB3baS7p7xQm6SfT1TwRtq2Tyvof4Zl8eJ4rn36iNhZdzbXry1p8Zm0DKUIab0or1-6wO76lpGqFoJKL8qwjGwQgEFbyZvrAhaUahg4YnPPmKznhXLoPGLKoLOomWfUxnIgvfhWuEMILYpbxq9Lw8Vv4CGg&sai=AMfl-YTxR3g1cnfWIpwsvEIJSMUm5adgY8mcbFcvnEJKGAzeSQ9HMuSbhbakmEJ1bxZXS-Ejc0ruPVYtGtK_xg-kHhnWtGcjubAZlUdyE9a076yhCredC512OXTnafWeqzI&sig=Cg0ArKJSzDiWodl-QBz8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5C1B 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31077066
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfd9f2e75d343c7cb81f92ac7c2c738dacdc322120a5af72f239aeac7b0d7c35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11765
x-xss-protection
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame 92B5 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
srs0F1Hb0Aam-tH7F7gwaHTxmMK1crDjmnL1qougsdnvlN6lWiQSvA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 92B5 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:03 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b7e091bf-dd0c-e5ed-f46b-a33ec296f444&tv=%7Bc:lurN9Q,pingTime:0,time:2931,type:pf,im:%7Bpci:%7Btdr:2664%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:708%7D,%7Bpiv:100,vs:i,r:,t:2930%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:2930,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2923~0,1~100%5D,as:%5B701~0.0,2223~728.90%5D%7D%7D,%7Bsl:i,t:2930,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2923~0,1~100%5D,as:%5B701~0.0,2223~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1009,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1ba*.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bb3%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1ba*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:1606%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c72c1798-7894-bc5a-cbb1-25f85dc8c3c8&tv=%7Bc:lurNa4,pingTime:1,time:4119,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:36%7D,%7Br:r,w:728,h:90,t:1778%7D,%7Bpiv:100,vs:i,r:,t:3112%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1007,o:3112,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3106~0,1~100%5D,as:%5B1772~0.0,1335~728.90%5D%7D%7D,%7Bsl:i,t:3112,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:838,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7*.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b7*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:37,sis:1799%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=c72c1798-7894-bc5a-cbb1-25f85dc8c3c8&tv=%7Bc:lurNa4,pingTime:1,time:4119,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:36%7D,%7Br:r,w:728,h:90,t:1778%7D,%7Bpiv:100,vs:i,r:,t:3112%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1007,o:3112,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3106~0,1~100%5D,as:%5B1772~0.0,1335~728.90%5D%7D%7D,%7Bsl:i,t:3112,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:838,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7*.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b7*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:37,sis:1799,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=27e42e3b-393f-932a-e90f-01b28cd34846&tv=%7Bc:lurNa5,pingTime:1,time:3939,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:877%7D,%7Bpiv:100,vs:i,r:,t:2934%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1005,o:2934,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2928~0,1~100%5D,as:%5B871~0.0,2058~728.90%5D%7D%7D,%7Bsl:i,t:2934,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:845,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8*.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b8*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:1633%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=27e42e3b-393f-932a-e90f-01b28cd34846&tv=%7Bc:lurNa6,pingTime:1,time:3940,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:877%7D,%7Bpiv:100,vs:i,r:,t:2934%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1006,o:2934,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2928~0,1~100%5D,as:%5B871~0.0,2058~728.90%5D%7D%7D,%7Bsl:i,t:2934,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:845,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8*.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b8*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:1633,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10F2 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7892774680340&version=m202307240101&ct=76&x=8&cor=17924925679700402000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 48B5 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=273948435656&version=m202307240101&ct=76&x=8&cor=17681578322248075000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 498E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIoB94jbYreQ2kMc2zQVP5689Q6o-EWBN0TyUnV9p5o-rlfktwTp75SfHgfM0Mj069eHUo2HhXKIXL5188FLCB6NvZEXB6G1wB5nGSnU90Z5c&sig=Cg0ArKJSzPslTDe_zeUzEAE&id=lidar2&mcvt=1285&p=0,0,90,728&mtos=1285,1285,1285,1285,1285&tos=1285,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216294214&rpt=7920&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900025.redintelligence.net/ Frame 052A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=62526000171264204444640012418025&a=df9c6536&vb=m
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:03 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5F67 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FB3B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 705F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbKZOibvKqEK4Xe34N3EtmIF2Jplo-F-ejf7QXLeyTPxjYp06-ctp1tTWicdVXh1a2mswvOaSCONWzHAufCm6dHBFbv0cV3dv3DQMEV11hXlI&sig=Cg0ArKJSzMYbSXuK1cL-EAE&id=lidar2&mcvt=1205&p=0,0,90,728&mtos=1205,1205,1205,1205,1205&tos=1205,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216293602&rpt=8594&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C26 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4328282484237&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C26 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4328282484237&version=m202307240101&ct=76&x=8&cor=15813164158791600000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3C26 		106 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjEdynKJEjLbaFyf3Hko55yw9OchZr22UESa2AuOViKgmMwzXFbVNKNcv4dPbziwn1JZU3zREfBmIOLEn6yY9iS3nyCZdSIZo_Oy0g1w1nheW7HZWZMdPR0OIsSAeiPCPC0tHoImbLWAaJB6Dwq5ajoYzsuhJbwatXfpdmNlvhmi6mN3U&dbm_d=AKAmf-DtkREgUlH6QYH0PqAZ-3XP2JPR1-PCFQxB7mprrobTpgHSmrKpnA8-FdMsV5oxhua-3T_6dLZb10Eo1pl_YgL_IirPbBG9S87q607C-3ml8Hv0IUPyCASrlz-i_J6P5le2zQyKZUPErHY3GYY2Oot8ZRPPWKSUrJJYF-UcNsNLSEDN79ll22U3zK7KrhWqaPiyVOpKlnmNsmdNgKzHp8BnXZmJY0QPbrUUFF5I1VXoZu75S7_fmEj8ve7iWAanzgVsUOh54qgvOj1bS8uBMB1tadUjvNsi_Pk1O3D1NgX5S-owSD2HoUbpG16P7PpqIXq4TC_fC5khyB4yZp4diB0N3zZpn8cwCnV4seGq-LJ7q68JKotKDa8AT3hJB85Qg4NwjKM6xiV4g8vNjFDVhgcNfZHfXaZHIJ8aGCtSHrqoQNBKHVq_qE4qo-WjrdGsku3S6UYloc43gv2vDeS36k_FFpB7w7QECGM2k8jn3VY8Clx2sTmaW1rI4eOHk3T7Dw_gWZXaTdQZ2djWjVjw2kRwYKv7nayx1lE8awX2RGi7dVgVxFaTARo0wL4wZFEoFXr1eHMTxrGPqXoa5TquyOsNn6EzSXRMr-sm-QHURHWMlEvMdktHx4fiCo0DltijKR8_KBqgH8MRbvmDIp7sbT40CSN_UmenraQUI4FMBk4eoPJzdUnXml7MIRIMbainl1lMO2chu_lvpfBh9gVySNBGuVhNH7675Qpz-jcZmbDso6SIWPbfsSh4G_dKf9JhQBaatsY2vpLDiycz19j5LwFMLmNXjTr4HakpBW7fAYMgTkP1_9LfCxSB8dbqrfkodH6BsMVrL0Bx8-Hj7cfSvbEYktlgzw5Jdlb4bC0ntuHuDfYHcD5bW0_3rEK65FQO1cBd-UlQQRxtxgQJkaGMvdtjAWn2syipHEakrfabKNIRVPZUhb1RjOD-ce3TNNCaIJZPZlXLxqYAoEscWyf8B-wLiFiUwgqpfQOGyq6SiTboKUfrKY8oUYiPN0RZ-_Evo20smpFofT2ct-S4qV74tCETpWMg7E4UiLiNCIJ3NjTJfR7UjpYR1o92vsg_Pab-NQVAkO9VgNDtjMtyJ7PafGElgp1u7MKV2RVF9pNIR60m9SsEryiUxmpzkSSo9ijbl8c8HMPH3_3xSL-Out8TTjsp3yQC3wO8FVia9pRZkWrgsitxi7p4Fwp-mQn1FjY-NhgzAa2nzD9G9UYZKeDnbgFoPHnaZa6dH3xCrrRxCpi89U7eY9sSOqUhFYFtjes3CMlMyZ5CDnB6x7Lg-1NgKkGPG7-_Rf38jXhUTuzOncu3IKcgCqW954q-XCrdygGODx4jC2iIc3G2RYfwAKtCvE7_skTBFdMZCH0scBeNgW1mExhcslp3aGFMfraoSB_nIaSw4ddDEL5fK0YFdvmsJvTlTlkIB7YjTjGbjULCC6frcMcL_lmlEQF0AC_MNfrFDh7q336ISn0rrz2_ORK44TowssjGAFjfySHiaB2YfMrYqeuxbA0oe9BSZR_AoBx53YOb_rYf5j-yfcIZ6nsuZ3FO7J3X0YK9W4E61mQ-7nVOxRV1FUbvjNd9NchSo8HtKbCa_boh5CxlVy5gYuc8h8upRdEBKl_2JZlxLwAcXYxT2tKXYGVCyy-16lE5tXTXWwzCPRiNlA9aAjiFE-0i3dL8QS7Ke5Nee96LHAJLKl5R5ohoYZvSjjvErbMJuM6Vo08d0WIDyAjOWclFn-cnMilMhBWoASIoImUSoZLbA7rEthYgg8HWGk7oOOqdsoLrhWeihCe0CmthHlG50E1r5jEisJDezj-Tz_1VzKWh0sEnvXhY65n5_b2jgYV0yj5_n2J9s1RYvrpTJqxLTIhr1SUwXVysvtvP8aeLjDgUEIC2UwAed3ZqJ_8n5SWsy2J8tJQbuKJlkiEiYfOJZ45V_iNM7z6Pcca_DCfAl8nPOkJ47R7r6CGNHXicuHcZT4ppCJTCYWipOpuyNmSp8pt8Yx0n56RnRBJHsN-QTtYHCL9PlhbBGUSlONYn1lm1Hg3WxuNLWMBncFTWsuzXn7mdCHSHFvZ93qlt7Lv8UM1LgK5OXLajdcPxXS09Y855sYa3hKPsNnMj6Rq3GyztpI6BOePjLIDwoEKwpy1JoFyf9TH1jU3O68hhxBLULuc6Ido3kCL-cLCnCwWU7JSgUMrRWQhnXzFffG81VvzBmECtBHu5oO7ewnGvZJ5MXUpBK4lPmLqqdNEEuwRtTgbjjhJyBPH8dGcD0OvMgxPfr8hEr5G1Ryj4ikJ7HNe3FLB24Aue59xhF7CR96iFqvVrUm6qtzN618UDLktsoOkqaOgZUAZsWKt17mbfh8xDXFmHCd14ZUNXs08x2PACH24uK1j2b8h55xQtgeIjAmIRfzs2DzShf63EshtlT_A-gkfln8VclpTCqVWFyEmndAg4DjZgO4rvY0ZQng0iuZ-1qhUzNEOvcJwCZUVrw9RVsJ_d_WGEmfQn8aaXtleZJluFwk8PFXMZUnaovl7OaPSLn8epKAvViaGqLt64v7OXJMs1dIqKgfKM6W2D2suKDTYHTJYdP-3BNKh2TjE1VqtGsOsyM5PAM_pmPmPm4Sj_d0Ha_4A_XokXdIPr18p2dzwASuoFWHeWkJkDXIzXQy1w-4TLIutRyP5_Q0JnhD9zHkY8BPXlROIehNeHh0D9cb53saQoYTDj6k2OKxaGjHo2LxbzUqa4LPCcf0NhqFK_Iw2C_7jT5OTmXcFYwtk6rwoWiM1YM7B_P-x-MF28D0Sosjkg-NoUz6yDwIKPCB8756-C7P4enX1o_a2yQvPezEho5bz3Sxw8n88HeVvLkwJVeJGDvgcN79bVs0kSqRYraoGcrqSQJXgTyjsIB6iOyjTMcl6T2n08_xkRXNpKDhYYygxEsdeg3NR6k88lAxn7260e0aHZQvj5x2Erth78QHY6IVufd7VMTzknsEopDOYdMl4aRUV9vZ8rKQosGIWicA6EfvVx4JqrrymstPUwV6uf0ZQqa9DcGrTbAMGE8EK6wi5s76rvk_90CX4e_y4VllDjwq5U2GMNDEOLbPw32mxA7L9JYGKdC5Ny6V1Wq1gsM6pnkXQgTtK4ijwv1CtpOrF-GjVCv-0KczAg81j9I7aCpX0C7myGPxSVv-fOHPzCqB8QOBiIPtX9BlDHH-_o2eNMlKO-iiX6CgDOGvxJeIK6kqR3Y8wOAYmUgo2Sks1Bl_W_DM1BGql1yoKJU2zlpwptaFRtHXjsG_fSAnTZaWVlkSNFEMAlbtngkGt-l8dQ6ailyNoQySPH5bXbKAFbfCYBzWkmp3vK_475QmwzRcuDjYJb3UG5wqjNYphq8kMapmLr-qBtczZitPvnIlApy6LiAKOeSufP8S52xTbB-acXYsC1CR-X5MVZvIEZMKIge17D_zeINFXSLhSjYVRb9y02eL099uFg-nhy&pr=8%3A16C1C9615BD8B7F0&cid=CAQSKQBpAlJWfrOc104UX1zrZrDKcDm5A9FZ-GwXrPqwX7FUdWA7yuDBS7h1GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=15813164158791600000&adk=1403819018&idt=123&cac=0&dtd=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0f1916fccdeac5d9aec2983012e1835d355cab1a3f8bef587956445e7545e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41226
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5C1B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 937B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ9S4iSc7Ke3dy1m5dAnM-rMctrUXLP7jOhRZfWZgjKkoGDP2uCvZ3GYGiNT2NcivMelw9CLOCm_OlFgsDUbpUq8gpbi5FZv8uiHzFKdoUBVrI9ixfyNaVV79nnbQrQkosCPzGBY7yFKHRpomoMcehfYrZ9LccnXmP-zLZydTM10e_axUAeGyI_iIs96_Oo8pRLbIH1KZl40K37s7GEADiBPpzckuaPJzanQaMv4f0yOe0Okrhql4T4FSECGMxcEeMddIfsOEDpnoJfDVu2GTiLCFvkmt1M1TgJeMHh0V3XjxdZd41xI_ZjsslKRfbWMgISvDGNGwBDmWKVs4cYh0&sai=AMfl-YTMGPoPLMQ3feOyv9g6zfuZ9fHOcGQ-24Mjz2uaO11__GZpMEFXqaPtxn9CpmXpaK86HjN35j4R9TvSXTy8qXQh4ckGKblOfFTqoUxeOF9nZdxOE0chhtYpdLQ43Po&sig=Cg0ArKJSzAH9az2dG6N6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 7538 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 74F4 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171324895&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209103&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216301491&bpp=1255&bdt=1523&idt=2255&shv=r20230810&mjsv=m202308100101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216304&ga_hid=312158561&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=275295946&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077148%2C42531705%2C44799570%2C44798323%2C31077066%2C44796312&oid=2&pvsid=3463363540501150&tmod=1900147391&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ekf1xi52943a&fsb=1&dtd=2266
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame FBC7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:17 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame FBC7 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame FBC7 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:18 GMT
head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame FBC7 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame FBC7 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame FBC7 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:51 GMT
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39260
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3AAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdQ5wZ2v2yGRZiVGGQSEYbAm0RlyQHzZu1yipazqOARA0ppe4Le8lRMFNVSRArWp8DedvBrzmLACQ9bBl8EDYA29JX-dgME5t9fnvVC7wb2-E-S5FMoaYeEghTadmdWDdG9J0zAO2H4tXSS7e7-0sk07VR35ilSIBxChHAlZjbHJHedLLwMt3yCwJyfvdd9g0rJO6q0v_PMELZXs26-7rcn2Eg6oeSUhy9VcPBeSMFwlPGNw1byl2ClSsyy_08g-Khljrju-vkO5-gKPk-0Jhdq3_BbRkt4H3zXkwsi86OTOaLul3uYfU7jNIfHSmqlN1PYcQbEMbQMH_Aa1jUI9SO2g&sai=AMfl-YRlQEr4ShiSucRnIUY3YvICMyHyXxH1jTqyls4lpjMxsjzG-l_9QifQl76d70h2CjChGFFvPYRmzO_f74WfAwuij5JtKxfkcUM0DcY4QY0KTTZcQYR0uMuyLCkBUzI&sig=Cg0ArKJSzId2oWG3BzTWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3AAB 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1304f7fcd264fbff56eed0d0ed754e4cd6f89ad4d2a86b2a78063a3317a4bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11629
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9601 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa8hTsyGlbjft7n7ujBL3y1JgOiA919ICB8p8blOJ_W-oZKO8E_oGGKI1RnSzSkscrm50at-7X-FHPmxXEk1DEGChbIkpdD_JdItxoNnvFEEeg_Ku-ykN6JnJNE-V38VLOTDzzNvF_BsiAt4rVNqm639rNy7xnAKJyk2Jg0fOEWk-bJlsmC76VKxn1wHDkJ_CP04nONn2ITd6fuGhgvO46MczX8pfVOFIxGBuLHFpCcb4s2FJZPVwndOO4O1AfoeUeUGJ5ZxFR4gO7vErpOXnKC5LeR_EPLZm8VfRtuiseI27ZOijobah0qEMsRCvbty9Tf1OpdOpXZQ16IKRgu-HvCg&sai=AMfl-YT3l-MCf0CJ-F0EGoE2H8Wx7c70ZyK81Ja2zLmDvR8cZCl59pnFxcmvu27PX2HCtelTntokzOwSFBxuISMW5etdxrzAxp255ahWqX_GQDWrvEKWG7lSRmmqSX3gmpo&sig=Cg0ArKJSzNEII-Ijiwh3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9601 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01ac0a2e11bcf537ffee30cc838a38b0f76180da6db0f2a1cecabe041a4b8d95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11667
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 92B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzRQT7fKodYVydR8G6efX2ROtMLINTr25G342FgXqifzdk-tlR0ux4yJP8afR2pMNkUbIY3xabSadwK4JuLF2td2okLb3JeAKgHrN0InnwlVc5l3hUkcNiZ0zx2kdMOJHIocvbgNlDOou4sczYvP4FuMbxRDGpXr8qzGOlrWT7u00-ccWiXcHvMs6wH63bKjbg97iQUS8fvGqmy6lROan8ujcaosk_NTtvbbojJxfzaardPUHbkNfrg37uYe3SQLUEqQOLvk2bz2QJgSR7ZWbwXTkuanR06SeUbCTJNwQoicYPvjB6mUfP92q0kskAWt4PCJXNs-SeoTagunhf_qJ_&sai=AMfl-YQMZWpBmQTxSEYMKwSIH_rFvtz5I3GZyXT0gdBp8N-HEoWFjBvwXMALBxneA18pJR1ZnKH0PWNKK_a8n_mx9hE1z2VgO-lSs6OiuWsLb_D_FK2KD6urfQOBKboJfrc&sig=Cg0ArKJSzLeT_Gk1g_t9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F80B 		343 B
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNWq3KKF8_LvK5Px3PNQ_ZGAK9ImpBO2tBOCATEGhMZNpJI-54vrf9B1FjWe8EU-KsOFCetvWUJYLr6ZbWqRESsEZsgurIInVz0sD8o87d-UahJcBBv5ecPQ-33TTTTeFr0SO6_am8Tim4VSqKedmf9MubvrwSgNkWeY_ho20BfppnN5iLs
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d39cf2be5da67babea72be0a4d9c469654951692c49f888bbfd5925b532e99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 92B5 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B5 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Au3baimsZpHzUqi1SUpZdmp6fwqh_d4bI25C008-DzAFjdbSIxt5f-_MOnxgy3DJ8qXJwyHbRYPmCfQcuz42mrVN23HI-eg3uwjGyEnmphiWtAQ_4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B5 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11348932008894678669&x=8&ct=77
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e5e78460-c906-41d3-bb46-21b459659554
beacon-ams3.rubiconproject.com/beacon/d/ Frame 92B5 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/e5e78460-c906-41d3-bb46-21b459659554?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BB5E405B178DB258BB4A5C960DC547570155586C07032AE85FBC3ED3E412A7AABAF87C2C19432B6FDFE5D718BBE08EF1CB8401053A93E9EC0F261708826A93CE0B1CCDCB62963C87899BDDFEBC55FD3EA08D541AA523D52CABFAC67DA3BB5C5A9D4C27ECD62301805A482AE6139C41BEEC6CC88F49602A0F54E6FC96756E5E5718FF28CF001F560B19A8AB91AC0B04A1851DCE1A297EC7DCCABFC894AD996030BA3540B0EF5F43B7CE0271C8E1A182BFCCDA10306204D320B
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:03 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2EC3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:17 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2EC3 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 2EC3 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:18 GMT
head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2EC3 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3442
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2EC3 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:09:27 GMT
728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 2EC3 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:01:51 GMT
x-content-type-options
nosniff
age
193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39260
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Aug 2023 20:16:51 GMT
viewability
hal900010.redintelligence.net/ Frame 6907 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=64536700147702304444640012418010&a=f6585f2e&vb=v
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=64536700147702304444640012418010&a=2f1e7629
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame CFD7 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEPGV5IEFGMPBm_EBMAE&v=APEucNWlBVkKZkBaw8GxWnOC8pTFMTBW8jQQTk36G5tmCUupHW0_WNqPJxdNtvOh6_n2nbeuVf_zWH8Hpy-uAoE_CKkZ9Dyriw
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DE2 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=781524724498&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DE2 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=781524724498&version=m202307240101&ct=76&x=1&cor=1777022829310268200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9DE2 		73 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BznI6dNRo7xgJxmSX0E8P2JtZfAdkL7EUXBl8dAucT_vOJQpyS5oUDe-L1eUQdtuzb9RTASiroG8S42eAm6W2jYtLsNA&cry=1&dbm_d=AKAmf-CHRhjMm7DARwFAf5XQ7IV6RLuBGTA4nTuufhPeCVdI3RZBb2k-Hwce4MMtnq0DxOvcpo5nOkurmELeBeQ_y26v-qRt0U8vDvGLc3_I0TwBb78_YrlTRRBHaU2gNTCAz_gqy3qBqCEZ95LzpqmY2TEwHOjYPzLsq5HRpI5uUTDNrAI5JZDDFBfsIz-mvyHALwgx0Y02RSsP58rClN6mkbfthDHJaySkeD37O_KG5JbozsqWLgU8Ff05SnmwEQf7g859gKA-fRicCXNnlUaGBx9q_PMIvMX7Vt56ivREGEtyVdRqHBX-Oyo0FPMshzomxQzDVxjICn4xVe0eGJ2A2pRCmnL6qLd169T7-T2caIBZPH-2An9rDJ4a_-FIeyne72aUO7PlAKueRg3tAcpdm4eAMSCv2A48_ij4wH1sT-REgcF3uQszPYoS36pn-jz_uwRkK6TYsERN9Yo_TIQSWdjQAT3adp_-fACGvt0Pb1tqN8--T5_6Q5I9-EdJP4f2QUZxfXzo3pf6sTAMpsjaNeEy6HLT249cHGYtiVRzrWUTuNb0V1QwFzD1nf4w_FMHj6m1rqlM-yKQwkwlZwBZG1WaCvObzhdLgKU5MXJec7uFDvufx14MnslhoJVKpkNPMgtmMHKjXokaXY0M9PmQE00pLi5FtrnfJy6rzqWCT0Ls_DzRhzh0wI-Nn1-A4fWroaUR2O3oEky0pUj2K-R02ZVeRE9B_VwwJeULXSVsPUzsX9WKHY-SNfByq6A0im08SY668Vpobq1Kd0CD3wcAJRij3mnaVvnBWTh2aDqgj8TcjQ2XFzhOEpnQecGN7bHEBSzQREmHas7KmrmCjILQc7cyNe54IM_2QTtN3nkMZRCswzKMkfB9xj0qVAr3UFg-7OJ0Z3FSaNw0XpwvzyFrP78fqHnL6LNzsC2fKShRIuCoXYf058Jx33B0XcpK4yMZjgVyJ79QSd_IeLlEPYf0_6J8wBcb4-SnX0z63T2DWGfLKzw3STqAStY83l9ZUt5Jb-OyKDjeIrFa5OqJZyJG_bWEfqlszBVMO97fvpG6BNvFkVF8DdPtC95vBj_cQ1kcltxf7bV_UHqsoQnmuh9w4dPQu0NABkP92ujamyT3MOatDhzj8_6iEeh5BXWs3pMyfHnpj4DMlf_OAd60-X7IupGIS46PZ1T4cV5rAK2zGRe7CTpPc73aa5677oV3ufL_J2jqz8GOLxm_Yucy4dXvb0RpKrhjdXH9OAR0egphLFf7aJd-qCGcNKxFPGnXohrwklZ_0n-hjSj3gNRZqbHwblPg48fSi2-T3kPc_UpAE-OcAHSrKEa55up5iVZtRVKpGONikGygAtVFyyi7CX6aa1p5IY9mZ7nNZ0OYbb1Tgu4_l1Hgcb_DHyNy2QNd9mdFNVnbHAno8zJwSclSLqVYk3lxtL_wLXh1104zy9xUiDxoDQtz60ZXJA0gu0cocHVtUo9TqAO8tM-s30DOYOGo7GdfNNWZ5cCFyy7pEIgNWNYlDLoCuBrYpT1fGwsIJoCq2iktYJb1OMZOK204RcJ-VCcY1Qe9lRRrEYazeYEly5RDIn2lD4igVdsYEKRsjscqVe5QIHx0oqp_4dVGxe8Y0UW9QX3dO92RmNKxKFRTemxaT60B1iTKt1aHCJ3CYQHqMqnvS-VDgz0hgAB9IIgGq7bVxCJItT9Tl9NfJkdTvJfzvs1fJ5WGlSU48RHi-5ppt54FGhYYxApj03W48V5_KmQBfwCVHELlMj7r8GE-8p6EnHMs24ktMObR2t0DpFxw7gROXaBPXcECyiGGhQdxHOdYis9gcrun1qmMcYJuKnQDOQzKgwpCsUuVfT22xDRzMHM0EB70fJu0xDWy8yfEEoDx1qDIwJPeS_9LuUX9iEbirruW4Bb4AF46JfrlLL8j-LW8tl9QAcnWIXqbS3l0JTrUHT6B4uOhnS3FTRcqBE2P_8pl6jH2d9vSRavivZUbwZxEe-FksZjLBks5VlwKSkz1j-yMhAv152v7JwbvShYHOjddv9g9bbUgKApMs0sj_DQt_UaQllULIOXVYm4v4XDaK1ZGqEI7jxOZUktD9VvFM7AmhusqASvqIQNY0o5R1WSTMhSMxUFFW4OnzjHPaEGi0PwmX9oLrsjN2z3YX3Mu8wblyDeMcrQxANILepi3P3onkbI8KmGW99sJzSNVbHoynyZsz2MapOASd5AdQ4CuoPbBxXrE1Qlow-MdkE32uFHyxg0n2HcZByvpGWiQaphBfelpQypcRqH2AaROTME9kkFwKO-qe3tK-TKgtoL7jVWpJU_gF5QXFjaA04RyJn9eIA1S9SpnfMZ0ZqC_GFgRe7bnkZVdV3r-RS0w-3jpmHfq3s9A9zwBnkJDbhTwpVmKx5oKmQQmNH7wAK9tO_jEPwRluFqvRGegU2VGaE-Iv2xRqxxCQND60hUpVmk1N0Vkffz99Cfmr9bGBIq6vitoHD0fy7D2MO9BkKQKUS3JTsehKJxHLmhDPycaNcIUmWBz8KiHaXX1JwBGFvHeSshcm9PDq1pr_dXOJNwnL-FiL8Gp-9bMPj9cmZB_8HFinMddzMoXm5WfTGmeTnAIxRJJHuZyAjCsFsCIvYmd_QUH308ww0XyEKiYy0beIiY-YMpOu-c31DtiWeu2AAo1qlZaLpbZ4U0Ub8hwWVMCh7YFEeTaHuA8Xa6PVzybzgd-SNsvn5Lcow-So0WfeHn-SkpZ4dHS0RCErp8nESdo2XsnPSrZ9TY3IS-yCqz8wphOcfAMJW9y0cvEQsH14J_IBl8XOos34yox2TpIK8gxJmgPEPER7gSIsoLQvZuwWD7jR5g9XmhcDJLY1723eLTbC1GCfA2nSueXb_d-InZIlPAq3EOJLGz-q-Ls15h-XQvHUoYUdnebHkFFCo2LGm3GEcDM8DbecWi29mH-l10FjFg3LaE9lKL9r3MAP06Y4wn50whcbSVxXnRXhfJggDqY15uj4eafZCxnWIdn-5O__KBPF08nO3vOWymNogPMHCXW8wN6YnMMNrPmspzXOFPB_q6C9cW1Yr9q74rghKwRbgBZKF6Wc0dhuloJgUzic96yINPIiLKgecRnGHX11kCa7_XHZXNchECTxVZ-vcLZo_E9nzwRJTsego6jssPTvKkpiD5YlsVTdUxRuv6UbyZ0YJ0lEwuMfPVRB0FnpKAVSjHKg04N9pUyx_VdckUARzvnc0wI2Mq6c3nOiN1qbd2fR1Id_zYboUAPUzI1nrhdsmCvMhIVPIxxrsz6G4s0dKbS25jAMYM2GuHQGsVHtFqqe_98MzQi9SZAbFkTzf7bqGYGlW8ENnXlO1jE6JZM39EYw4N0O2f85ESF62AOsweMudF66_4_6ru6S-NpEmvcHFHKROY27lNr9Hg3WOxyF1IikSN0idwJg_5n4Li21i4vq-vu9iopo2Y4xq23vGtpG_6jYW7xTazoionbbuhtTMq56V1qsSjTxC44Wk5Bw7MewnUUObHtMAQGRf3ySn3dxX__nIbMaSV2BE5jJ7DeMq08Mhd0-5Pcp98xQmwAPhe6juJowHRF1liVzswnDFuNkwrI3i0nAl5l6CoEBKWERsLFtQrh29Cl2faSg_ab_csWhqVA8xBB0Oq4TQFu1s65PaLTaDtKkxbE3Z7_WoaM_4grCeT2SPlOSSnKaq8v4MlbNQY9RerLUPzGTnKAn495EjjRnavX8u82&cid=CAQSPABpAlJWB_6EeCzMb-koDJLCw2m7NRb9s2W-zTycrbNBFmMr9k2qdvjqzmgc7LvAosdm-GQAD13bKqkISBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com&ds=l&xdt=1&iif=1&cor=1777022829310268200&adk=499937738&idt=138&cac=0&dtd=83
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9421ff9a9cf2970cf960274c7cfb973645c6b1644e9912bb3f7e3c0289ad206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33400
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/ Frame C04B 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31077067
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e9a4863bad6298472292ba942c2fc122242551a243b9c752c85b5695c803dca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134704
x-xss-protection
0
server
cafe
etag
13991237793804996504
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 937B 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dca70feef3dec88c1e51b94d0d9bcae7fce8e9f618944af1f96588f9f4cbc9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50809
x-xss-protection
0
server
cafe
etag
16858717651424079718
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:04 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1549653/72464743/ Frame 3C26 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1549653/72464743/skeleton.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
750ccdd3a9e73adf52c38f4ac7496d5351e235ac78270210bacc5df327d5e033

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3C26 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:22:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 3C26 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 3C26 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75158
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3C26 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame FDFA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:05:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 3C26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuz3BGBVFGyRo2WxQJ4bL6xMz2OTo58Ye4IrPmAn1KY1stwk1D8F3i545Kr0m_i5xfvqL_ZzGChT32xlqK7LLZ6rHJeRUWaO6MFFHONGUypwlRTikjb-AEEsoXdD2fjKc559sRVZNmcuFMJi-1Bz0Bi1Hkg7v0VWV6BzYJmQMeJGyfm_eodiUwTvJug4wfDot91haF4obezWXmQ5EYboAquEcnKH9ENLWHo0gxK8Ir3HMN53l6doHYnA65UFzW_ESJxo7ReoZffRPYifqaeNvJqtgWlDaM24mah6TrxiPb4R8JcsQSAnPHJKhU8k96Pd4lIhle5WzSoBUfZI4zhayZozpo8&sai=AMfl-YSNgTWKNjlZlz6RkVtW5BtzxJs6y3VaQp4K2zSXGD5P0bKsEFUhvJ06C_uFZqGHKIbWmVrTfwUBhHS8nisUNGoQtGs_H1PBnfnrMqd9xHwcw2dbl8SeMNtodvMjKqo&sig=Cg0ArKJSzGHkbC9njrdwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:04 GMT
truncated
/ Frame 3C26 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86ee818268da2be22b612e7c41737c38babd2a998578b49cf510ffeab7e1ba24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 937B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd4117d6f229fdd8d6d73a24f7fc471ee1bd7b711ec554f83fbfc767ea87a2c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
viewability
hal900025.redintelligence.net/ Frame 052A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=62526000171264204444640012418025&a=df9c6536&vb=v
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=62526000171264204444640012418025&a=8fba4e17
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3AAB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9601 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:04 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=eb0e1b5c-33ed-3dc1-491f-125b49e9ab9d&tv=%7Bc:lurNvl,pingTime:1,time:4481,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:728,h:90,t:838%7D,%7Bpiv:100,vs:i,r:,t:2988%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1493,o:2988,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2979~0,1~100%5D,as:%5B829~0.0,2151~728.90%5D%7D%7D,%7Bsl:i,t:2988,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1492~100%5D,as:%5B1492~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:636,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1b92%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb*.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bb*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:31,sis:1555%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=eb0e1b5c-33ed-3dc1-491f-125b49e9ab9d&tv=%7Bc:lurNvl,pingTime:1,time:4481,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D,%7Br:r,w:728,h:90,t:838%7D,%7Bpiv:100,vs:i,r:,t:2988%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1493,o:2988,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2979~0,1~100%5D,as:%5B829~0.0,2151~728.90%5D%7D%7D,%7Bsl:i,t:2988,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1493~100%5D,as:%5B1493~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:636,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1b92%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb*.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bb*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:31,sis:1555,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 498E 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3169470232552&version=m202307240101&ct=76&x=8&cor=13434467368271390000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E374 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch.gif
beacon.krxd.net/ Frame F80B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ-Nn7SDaFHCMw8K41SqnEw&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ-Nn7SDaFHCMw8K41SqnEw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNWq3KKF8_LvK5Px3PNQ_ZGAK9ImpBO2tBOCATEGhMZNpJI-54vrf9B1FjWe8EU-KsOFCetvWUJYLr6ZbWqRESsEZsgurIInVz0sD8o87d-UahJcBBv5ecPQ-33TTTTeFr0SO6_am8Tim4VSqKedmf9MubvrwSgNkWeY_ho20BfppnN5iLs
Protocol
H2
Server
108.128.74.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-74-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-served-by
beacon-n018-dub-prod.krxd.net
date
Wed, 16 Aug 2023 20:05:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1692216305
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJ-Nn7SDaFHCMw8K41SqnEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ul_cb/ Frame F80B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&dsp_callback=1&google_dbm
  • https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESELq3MR6Jc-fwj9pP496dNnE&google_cver=1
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESELq3MR6Jc-fwj9pP496dNnE&google_cver=1
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESELq3MR6Jc-fwj9pP496dNnE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNWq3KKF8_LvK5Px3PNQ_ZGAK9ImpBO2tBOCATEGhMZNpJI-54vrf9B1FjWe8EU-KsOFCetvWUJYLr6ZbWqRESsEZsgurIInVz0sD8o87d-UahJcBBv5ecPQ-33TTTTeFr0SO6_am8Tim4VSqKedmf9MubvrwSgNkWeY_ho20BfppnN5iLs
Protocol
H2
Server
54.247.148.218 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-148-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Aug 2023 20:05:05 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=1&external_user_id=CAESELq3MR6Jc-fwj9pP496dNnE&google_cver=1
access-control-allow-origin
*
date
Wed, 16 Aug 2023 20:05:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame F80B
Redirect Chain
  • https://match.360yield.com/match/55
  • https://match.360yield.com/ul_cb/match/55
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=ODUyYTAxMzEtM2YzMS00YzUyLTliMGEtY2YxODNmNWNlMjJk&dsp_callback=1
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=ODUyYTAxMzEtM2YzMS00YzUyLTliMGEtY2YxODNmNWNlMjJk&dsp_callback=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNWq3KKF8_LvK5Px3PNQ_ZGAK9ImpBO2tBOCATEGhMZNpJI-54vrf9B1FjWe8EU-KsOFCetvWUJYLr6ZbWqRESsEZsgurIInVz0sD8o87d-UahJcBBv5ecPQ-33TTTTeFr0SO6_am8Tim4VSqKedmf9MubvrwSgNkWeY_ho20BfppnN5iLs
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_sc&google_hm=ODUyYTAxMzEtM2YzMS00YzUyLTliMGEtY2YxODNmNWNlMjJk&dsp_callback=1
access-control-allow-origin
*
date
Wed, 16 Aug 2023 20:05:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 705F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4358559514095&version=m202307240101&ct=76&x=8&cor=1936102112851512800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5F67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxY0lhC0s6w3N41rCXKvbfIBvCSrd2I2urshYP0NR12lDBzwAmFXeU6gOQPV2vEUYaHGH7TMtJBwymjeQ0_Hw9Bqg9T0GuB8ihsO6bE6UmzyywgPAh&sig=Cg0ArKJSzFXL6HbYAqIGEAE&id=lidar2&mcvt=1664&p=796,353,1046,653&mtos=1664,1664,1664,1664,1664&tos=1664,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=748357368&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216295730&rpt=7398&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E374 		812 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53562569&p=161763&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
515239d8289639896f52c3be97bd5fd1c8c1694745f7c2bce5014933ef0b28b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 16 Aug 2023 20:05:03 GMT
content-length
812
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame C34C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=3436190074934159&bg=!e3ileCzNAAaiGN5Pghg7ADkAdvg8WsTP9SGKJv5gJ1fLxwOt_OF4t2ZdSqjLui0XrOxREhArPqgfSs3XnzI7aBtCV031wvqfwswCAAARV1IAAAAIaAEHmQLq1aP3wxkQgXaS2_wU2sPLlAZTd4UzgH3EdOwqutk_HzZB824QwzLqy80p5jlm2CxdTU5D6FoDAoZcmHAWNNG0i5o6Sx8nln5XH_0Bt1Y5gWm5lEeC-tPTIMOzb_WLlYsZ57oK4Pr4Lu4cYJtXb4IR9vy50YPP6C6CwjQQWIymYQ3Nz503T9kBtnea5oRllfz4ExSp4HLNhd_Rc6QdhYk-DhBc4A1cd2AjG28S-N9Nz1VvL3O7x4hbExvEJPpKyhu-NdI_JzFOTqZrZI5DuDdAfLOZchGbWmVaAonvqMrN5frnCuE27BPYNKr_ZopslLClgqAEi-9097QFVHtP4vGklFZ7DOEAKkRZqej3DEzGjSTIkKnOYa6CMUtFfNOoFOfYgNbxgfbxh70s20UYPAPNUhwl-8tW8jnaYkmn4ltizbX03KFRYz5JLyigTNiMY4VLVEQ0zlVYw2EWxJVSbf-FXGnKKJVTFubsu55qOKrSIL-x4CtulAPYgf6HyH1_T6opYgKPIJAxxZzAFM4PW6JK6JSMEhi3EphWMmmEYy_8vOpkQn_mTpUmis8F9Om9oExDkmOGs9ICwZbGoGLKRUDzatV1bX0RT1ot7pkB_yypkulqwFVvn4AgDmLmI3Vll8L1QmJeh4q7aGlV8a03_sUzbgVtL3O2yh95QFA071qBrFUr8KkK96gb6bxI2tcA5alIO-l7cOEp9xHsbAVxBu_xsyCHCmkCt-gMXEDo3nUspX9MkIrIznOHgrpI9kKCYmqhFciwcmFCCnubmJS_z14bHrGcKuuWikN7bVg-h34-7-0z8OjRMUU52bHQPR6EpCh083iPLw5I9dbmYIGkj9IrrWHKFhE8AdHeH5TtofR1xwo7NdeEbJUSGD6GhsyHVy48VfiFAFj5A99w11SqAvHta9lv3wo9-3t0bM3giAD9mSuFZLd_7zSecXEnwhm3w40V5YnBoHzg21tJzt6dAkEpQ5DccR23skRj25s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame FB3B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8PZQrpW0KjSCzEf_AC7RShNhV0w_HI4qcoBp3Tl7klK6BOfSqEypwHw2oiPls3V6sEdWiuaqWIijBziktgeSBUEYHABV8g9uj9_GYtR_Umsw2usbQ&sig=Cg0ArKJSzIEuWMNvJhlaEAE&id=lidar2&mcvt=1556&p=796,353,1046,653&mtos=1556,1556,1556,1556,1556&tos=1556,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2511409325&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216295645&rpt=7551&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C2C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6B57 		831 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a950d21d829133e2ff00cd7a81130bf1cf334f1f8ca72d7bba038430bbca6b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mRn7Lr-EtisihkT4xTTq3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
532
content-security-policy
script-src 'report-sample' 'nonce-mRn7Lr-EtisihkT4xTTq3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:04 GMT
expires
Wed, 16 Aug 2023 20:05:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b7e091bf-dd0c-e5ed-f46b-a33ec296f444&tv=%7Bc:lurNyc,pingTime:1,time:4441,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:708%7D,%7Bpiv:100,vs:i,r:,t:2930%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1511,o:2930,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2923~0,1~100%5D,as:%5B701~0.0,2223~728.90%5D%7D%7D,%7Bsl:i,t:2930,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1510~100%5D,as:%5B1510~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1106,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1ba*.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bb3%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1ba*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:1606%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=b7e091bf-dd0c-e5ed-f46b-a33ec296f444&tv=%7Bc:lurNyc,pingTime:1,time:4441,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:728,h:90,t:708%7D,%7Bpiv:100,vs:i,r:,t:2930%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1511,o:2930,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2923~0,1~100%5D,as:%5B701~0.0,2223~728.90%5D%7D%7D,%7Bsl:i,t:2930,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1510~100%5D,as:%5B1510~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:1106,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C1951%7C196%7C197%7C198%7C199%7C19a1%7C19b%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b34%7C1b35%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1ba*.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bb3%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi1%7C1bi2%7C1bi3%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1ba*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:1606,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 5C1B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2UPkJgVVqzdVBFflV6FSTbIV7l-ebeKoh1Je-p5m1aoSmzmvdeJ8fo0CIxC-A1Vmb9PrGeMjwKmTr04lgSXaAG1tKIrAVkV1riVXbbFO15boGegSr&sig=Cg0ArKJSzOXntLD5LqVZEAE&id=lidar2&mcvt=1506&p=796,353,1046,653&mtos=1506,1506,1506,1506,1506&tos=1506,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3791825238&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216295992&rpt=7287&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B97E 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B317 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F3C0 		831 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e2a6649de823c0ac7db317d818540a81bb9352d82638104e043a230b0c64d1d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ORy1vPxCXx0EihLSG-KJ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-ORy1vPxCXx0EihLSG-KJ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:04 GMT
expires
Wed, 16 Aug 2023 20:05:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4472 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A4FA 		831 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e39858ac0f08360a047daf78751d859e1c327b2d85ff782c77e2d42ed0aadd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IvPuXLRmKjDfQd3rLh3XGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-IvPuXLRmKjDfQd3rLh3XGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:04 GMT
expires
Wed, 16 Aug 2023 20:05:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame FDFA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18672
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B5 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7233719029275&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B5 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7233719029275&version=m202307240101&ct=77&x=8&cor=11348932008894680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 92B5 		18 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHQmdIdA1PsytSSiDMjjFsN1Lb8HtZP1QZb0-tWRquFGbbOHPUL4h1QHxDIM9X23CSlu3OuWpTAdlW63L5YFd1BVyRbQvQtT5RJSjLD7y-yL1Cu1PKnI65g9Fl0SwfOo-d6ov-3GdlXrnVfqhshX8OZyDu3T3vIW4saqT_-kfWfrq5Lsk&cry=1&dbm_d=AKAmf-CNDXGZSBq54tWmFmyq-nXXlflQJLMSXLOVhU4s_-_XD_T9j1nqrDbF3l5u92uXUjSw36eaWD5UunHOMQDD0RIbg4malvY1vKLFifB9zxSxX3ueSRj8M_Z287mgbFqL3vhbrcuVXvX28eG2-l0IAF_TOzuToZRTEaNb1rvaAsloH70VnBkT9Ip01QUjmhvCY3Z-nojJwznO8tcn-uStVnuel0_PLv6OQOtbSUkwzSElA2uN90xW66qzyZNiw3YdPb3kIT-Fmze8fZwYDDZWEDP41ZIG3J1q80B8CIkakNvy2Lo-1UQjsHG376PTuGpsTtWGiaytaGffz5X2WN9AOaF9BkMWkhrqBQ0XHhOGL0hy0TFDbAC-pF_tSpu0DHpbeKjdZ-1hCH_NMRJ9NUa77XL-C1OqbFXzOTjrl45phkvnSr7DzGhLOnvVZXCz7XLMtZmXaRzzL530fnoKUm92FRRykatFympKWrjhu0P9fwZ16VaNrp8ay9bKDMfCctsmuevaPtrSW99Cdn3-58k19n2dO5Bj5NqkTVb_Kp0U9MjaZRvflVM54c6imoJMO4eQxFDz671TJOSwQ7APiAwcXuSmpngoUAYT4Nkpz32TnDWnxzMt4CB3jubrGBrHihiBj1NcgctxERdDuB48P5JiwpdH1iC4o7-igb9kb5N8HFZTL2ZHXXXQ9toNln3ln_hXnWPhbXnPBGjVJREvBJIZ-wbJAAYjRyVDGF_26PBiZKEoSCGz9GhLf_UwW_M-jVKYgyGyi4R3Yn4DGMXeV5msIQJY3gEA2NgNPXGKAj9Qm9dEexCEF5QY4KQspangpLuompY4jzg4t1do8aa_osS054hHBhcKzXyc1QS7VdHY2I9pxVd02clsJ-Y8jXEDN0rpiZY9ZSHeKWT4zfKBswaMJcC71E59ivvG8ZXR3Dt9efJBPSkOil5_XS-kqAehx8kW6Hi6DiShU8A75STdjjmQCzsTe6KaPS2TUP2NGcTvWQkRIs_aITlw--endbLbRgI1XVT5uE9xVBh2DXjdveetg1LsvGtNK18iJSGyqXlF-1fT7YMJDRJnGsjuyUdw85Y0s3LL7xxrcjJUNjVCvRFEA9x4FZM9TEkZXJEO61yGzW9CNwals79olyfp5_KmQctu6Cv15pTrD9Dj_dFWPYr8DTWCLaqpgtvHTs_uqr700mthiYmh4OTOMunC9pEXwBHbHC3xNUO0nXkgZ4DbbsGV-mBhw8deVbM9JY-ZAauatNg06SGgw4GePWHSfmWVEt1NuoqxkAq8qr6-bIA4BRq2D0x9d9d-xkiiilcqYpRRukGH2DlvgyityGWckWH3Ym2c16aVVDyRMF14Glv0B9ieODQx1pS-fpJ5U5YKPdvLhPA2ophqWC2sCtJ2sYuocvRgBO67XzsAeRaDElK-iui5MWHpf0NArMZTCWaRIl1OrgtbVdjln6ouDAXRT3LGX7vWmE2A3lQQoN6yoS7ks3uVxVHAllhbHwHysEccyX8A7rt_u3WVm69xvsY0M1UrzG291C7_R5ZgealXNiPKQycprHYlHYm3gn-fd2ULBKD2uZnB74K_QSatRjv9kfM9618hiDVvQtXuWgglIN_YE46zM5LjrJSAZZ_ALAminG_eia8K0-yv-aFA02zIC1ZasdSlrezTXF6YKYNQxIcnLyga4gwvL7L0Nm7toHW16FwenahO2PZTzdLrxDuKqT1l1_4oPkQ5aEdAfXmILhFny7TTvs2zGbKGlxPt1gYfy23f6u7cVndV6_sWo4Qx8jczsfgpVYzJJQDqT5_ATRTepm-FXbgqqik_PQEV_bRk5PZc8tDnu_286gQo2ur_3ecuHjtgSdGq0Q17xmR0U98R9JCN4SbMBKxR_8APSzRM15x2EpvO9Xn3i0SKRz5TYWxuVE9EhmrT3RjmpFHhbQ8fjpiPtrL2I1wS3fFRTljeEZtpgaNfGXQ-6VBvgnREu-pgGutnl2qBlPvhkE_o0_mhx8z0FwvvmQcsUBmxNqzzOn9TsAF3NB8diTDY4fymbQFcCuwWraY13MuB8Tc7Ph927qvhWgsanTiWrYMav9yxENNNak-mY-TkixIqgz7jV9aRQ5kvMr8qZ9RynqPYi2lUA7TiShC6qRx7GNCsJ-3eKMTgFYXKUuL3p30_y3TqIoOET42EsXdb66MhiVyLFabIm8r10csYz95XUYgq9FrE3I-BUOSDfqPnE5w7wnuTVTpqkX5B5E-PiaQGCXHVuXHLTk7b34pG4Gy3qWaZoH2DdGcUxGD-NM8CdZp9h_9HXcl_zQsuOA1RUO8IxpfiNuvQtVE4D_9ArGBT-ed94P6QGAAWxtsA8m9Tkm-Chf1wTBNtouWOsCcDUkR3DeDYp4SXHqJEqhl06hzaWFuAG3Ya0SNjKUmRZ97eAYC0cet6Ufm6DRm11VvgNw0DXJn1Xqyn8Iv4s5-T1F6zQ_bME2z-QBRdHYLA8b_5q9SEvU_VARs6v1MsafIhWTu2FsL0NVkHK9TaZwggIWqlI5OZRh2EmumZ8KBkRUr9KJjlCTYOoLDpld1s0FvWq5CYnA5JOtBzSoQ1yurQna951Er4uwtl5ABsbVDkokAFDXSecNPNIPo6J2eZ56RVDg9m0spNOSIF8WAQ0WPwOQnD0A8wOhAruS2ysbQGIB02Bdnbr9YfVFLlqdz-AbWngnPORuOzNvL4E0VlcZU6FePrnCrsIrmGxOZ13R5RPdtEtSHNtbaBDNDbAAmubJ45zrNMgH9lJFFT7KWX1Thq91_gsDWbYfqGIZ0mhPrXopj83MgawVLnRKBy62MqRA-YR876NANs-pgcax67R0RXeidtfzqLkuGRvz0zzxe2sTsFo2_xlwck2mY916qcWj05SpSQizGOQdKmt6YNQ9ZltilEmVxjITwHOyEIdqrolz-8IHmeuO51BH0te6m5BUiDxfwuwZSo1i6P__kCpgO5dpQGZnw3xpSQudGp3iSFttw5tSwjHgR7q3LEkUcumTyUXOCpBCNHpPbPigTmR0gioViR5oqqPKX_K_wz-rWCNfpngy3hn9gaPLt6_6RWMsHY8i4fWQzNCIdMRgMD9_gF6JmR-ZIX-oLEIGqyvVUlV-0_lY8nPGt_LgZlpj2cT7VIzR4cIidFNiyxV0-Hcu_89GsUOK7Wl5VFbpHURqgSPHprqHQwAhgHT2Ijf8hgd-PiVVq_HCwKBo7iqJebMf9mW_lLrNzq08ACgFj-fg8PBcxLGOXzdtI7o9E30Jz7PRldOX1AT4KhLAIhOuLNod2pDHxvxizdrbht7uv3KIEQ-okFfZoxyTLJLEidvQi3K1VQ_mb9dCXe7euRVC0wOYmsWoEQQXdiVECLp5etQ4Wc9nvSSW-9_niXBYpptd45bRwRy2ccXWgRBzpr_QPsAxKkqT637udXs9PuM8xeOeWdTNwhPpnx_RcpDM0A9RnRm4gKYDKJ18Nxn4sm9cogrqIdEZ1MRKdznBg4_eKVwYaOgX8S0B1c4fwSoLRr2yWVlojPxuG7iEynU9eMTIk-5Ym1N8cqHME0q7EBoxP3RSugdEbqaZhYmOuYTOa-9-FRMzyvjVNwUVgbf-6nzwa7TJDY3-0in_Q2pBpSQkDlg1_HvLzPMoM2EFUeOO0Fsg_Y3hl5ggGk&pr=8%3AC1420188982E9EE5&cid=CAQSMgBpAlJWDnSH1dYuNJU_T7oDVfMVK0jQPavfsxXo1tZFPxveVOivG_HIVEB87rD0qvfwGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=11348932008894680000&adk=1830218857&idt=121&cac=0&dtd=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b296a920c65d2d6c4852facc16e2e4655da1ad2c9dd0cb089f188c2d77856fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12871
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E114 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=1839285118876494&bg=!mJulm8_NAAaiGN5Pghg7ADkAdvg8Wg9Roc5YX1DAb-D4P7rdV_1cu7krDPBmn2YFb9DsRY92lJGSXQZdOgwTTeea2Rquej93Y2QCAAAM1lIAAAAGaAEHmQLlP3Hm6H1iWk2dfGwuwzIHdtNuiuPmnclia2wabSR9O01h1kPjnA4pcD0fNmhGKre0nO4jgC-un4Di9knAQltFoY8LTyUWqukVIdtroxgMXFLpjh4_LUQ2yl4G0CkffoYhXt-Nctgg4Q-bxdQ4UDcljnK3phrzIRQMGd1bSUPeN4S2qlTxMZxgjtrYMFUdiwU2guuNLm9Q59rfQfBgsevAerR1rit6WkSdiVyoEcPYZceClpy8nBa-X5-C5RfaT1rXP8h_HnJA5NYn2SKWkok0OGAUt2qclrzU1OXRvb4PfneNY9gUXRrKkUsWdpIIW8sSow27c8ZVvYI99gp62S4o952wkItPfAlJWwGDkSjzlDsqavpihsvU79o2L-3PjSBAFk0sRFQrF4gijTZsMY0nrBIzA2c1BHnieg0sHR8ity0_xfQd9U0JnpyM60wdYTaedsT0JsF4W4ZTJpDzSmj-ews5j-5Y59JJLL08wS_XYrQqwwmMz13-SMLgWYqwUJY8xHreJWCVNtn7il6XCzNpBls2XgN9L1Fu8K7eqxMf4s73vOMLbw8BboyVYqV5pTm2Bg0YQAo1TUS4vzAgX6l16R2mK9Zeyau7kQJUffoqE54YnxHs2ZQAveaBigxG_81B7DD-7s9LeRlKNf_Ln7u16TnJhDppKdQFJhTTIhWemKoIvIx0N-jogy9V8rljelBRUhcys-tk41cCSdSyyCG3iSdZeXcZcIgpTXEaQSI71KtAyICVJtGUaR6aGfjaeKsMcol7ugU9rZIF9tOSUdbKYRmJlN25ju6e9HVwI4wEJINhWYfxcJJgfRTu1LxaH1LjxTK-mZAPBvFa6JiDJqt1hBvZAftpxUz5JMKKcGqwzqnEwBEKr1qTKynOe5gSg-diR0l4gi_pJp8jFyfWdp8SK18CYP3rWffGIANK14Vo49Pz0r01GJ7izw51uBZPHwZyoSXninwwFmveP6250n6jFQlX4KHW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 7538 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR8VuhRX5fMHsjn2RHXuAsw-wznLltMzvBX_-fMCXvmyuB82xjag6pUkpsOaeaUn72c5Z_UfZn3WOxrlZ0SneiVhdz1pmgtQ73csy7B5L7MI2wVy0jCYGnr306Cm4FqK031Y7GvjacjjlWr0su38edNJBqcCn8iOJJLQDr8aEeOFNtoHQNaXhsjh2HLlSql6Jo-THH7tEpUO536NArnfEMB6uk-Cx8OD-4WFwku1o9T2P7GoBVWbjN9Dhvk3TiddOXlordS-19-rP7Nj0vIWcgSBBvqFDqs2TcADygqZCTiqET8-1AouFa7RJvJZ8hHBvD0U3eRpncsvPog8-vH48D&sai=AMfl-YSJA0kWkYx9zey6OgRCh_btzaieUIGo_8HEc2VEtT25BUCQ5JpenSmXkXjxpZ352CwEv2lqkgpQ-srAR2hwJYreWlMPXCxJVRIEfatb91iLU8E-HnZYqDqZKKOVn-s&sig=Cg0ArKJSzCF2ej8lyOYIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7538 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd0668bfd027a6826ee67640294c029bb180df62c4adc49e1f62df3484aa06cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11763
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5982 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHuqt5SvdZJTrNKqRjuwP2ruE4AMAAAAAOAHgBAI&bg=!gIOlg9fNAAaiGN5Pghg7ADkAdvg8WoDpPof5BOiO1XxVgKJmneGaYbQnnQCqt6qtD1FA7-KlxES_XqsX9uiGl4-LW40vsj8LVW8CAAANk1IAAAAFaAEHCgB-Xu6SMtkFFG1VuDLveK6ml4nCZR5rfakmMQaeaXDuJLxeLAj-xmzMJvTVwwDIrBM301i3fWtWfCNAGCCp5hnJwIw4TLZM3q9dV0I94oWxuWYvx8Pd0Y_-UMT1xNG9qOMULWBefppnlpWmFu6_3xHvOnV1oHL0uasiUzeYFIBCmQMAiamwNspYJX-GM1_VuG_rzQXbetQQtfXV_vEOXJg5XiVrKg6b4rGHKniW1U41KH8_xktNYoOBWWfWW758LZW2kSWErNc7nguaSaie3rB0wNgd3D1f-MGyv10inwaCWQ_a54H7p5cbgcS_K7X-JOedNvutcGclww93mjSqqMvsNzB_j7HFVWLbxxCZUw2OpnHeG57UCQ2xBt6biH8_53Kgjff4oTBajQKZZ3qaZm2zamb1AoSgpdR7c7He30fNf8VCg1Mzuak4N_GNvfXkf44cq2-GvpyJnkC5hc9KxQ5JvtFvJAf8kBv2vjj7EB1uK3vW3nHCRcGzxcfJtqp4cyEZpLQ8M_0_88Y2tZj4-Nu0f7A6zw9zJ5-mHKzm0GwMSOvVw4eJsBJc9x7oXBjpRxn8rLmr7lYhnnao1kxC6vVQV9PFX9NLg02WL1zjaY0eP3ThdLaGJ1mQgtq_EPs7vW12m-F0mVaJMVjR-mUX4AZjCWwn3fB6o_LYJKRa0-9z6NekLIIaYtnY7Dv4jAFLpXd1qpgzWoWCBmo_9vaajbYxTEWqtxhAzuWM05ZoahBuWgPpseZfUgNbrgmhigHerXkAzpDdsHHBnObKQ_87t6AOy_i2q5Q3ERGsixuNh76p9CXpYu1mRfp7hRcZdlh92RU2ej4i7WSyKpMQQ09YFh4OYYDKhX1lLgKf8a6mhXn3uytT0Jhw_L7QNK-w8S7fk59EMpCQ2mADOTF09rg8xymzoENWi9E7ZL5PGXbcNumDzeb6uqPhKT7cibmhkNzx9kHEHLME8Sx0fRsqxCW1mZtR9vaXDkrAx-iQtPrfSiTQsHTAHbhNll7lzD_Z8v4ApWaNoSwtpfbFhJntkRFpepyetWTNsANEc0L8E68f6vuUdcutlsQqQkoXegxir0swikBa5XUaVZCxACv7Y-HqSJXMBtQnoDGJPDdaFtB3Rd9DPex_OqnH0KhJFvgfM3IQuXw319iDWqoStU7y4DQpCa8cS019D7BELAiNbbNzb2PY-9sj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3AAB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7TYs-RCvold3O6hQ9mUj7LLvWlZ6dqmcyj_0JlpwFB-HbEptwCzf1jz7ZPRKS3fvxh1nM_AyLxbK8KHQgqMxDybDwWudLl_-4dcXGI3_ZREUm9ybQ&sig=Cg0ArKJSzP2j6mXmpi3MEAE&id=lidar2&mcvt=1133&p=796,353,1046,653&mtos=1133,1133,1133,1133,1133&tos=1133,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2678559298&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216297002&rpt=6798&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9601 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszAI7eA4AqKudSXtIWHJbTM_TQer7J-ZVB5JLBvrkFZ9bBKhheMPNYfbAy2aRrFrl-DmQK12KMnds9dDMzlqil6Ek2RQ1y8bpp0PC0EK4VbelM1T9e&sig=Cg0ArKJSzOsbmjkJNGsxEAE&id=lidar2&mcvt=1135&p=796,353,1046,653&mtos=1135,1135,1135,1135,1135&tos=1135,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3518033837&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216297068&rpt=6740&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame C04B 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC8E 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171324895&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209105&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216303134&bpp=1314&bdt=1699&idt=2110&shv=r20230810&mjsv=m202308140101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216305&ga_hid=1071665680&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=652956352&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076876%2C31077148%2C31077067%2C44799578%2C44798323%2C31077111%2C44796312&oid=2&pvsid=1358793954252362&tmod=988227627&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.aer5t6i6vn7n&fsb=1&dtd=2126
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ Frame 937B 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31077111
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91184b497b139df261c2b40f01b4b221819e3b6554389574eb14b5458f978b9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134743
x-xss-protection
0
server
cafe
etag
3657375934797911021
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:05 GMT
4a.js
static.adsafeprotected.com/ Frame 3C26
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464743/4.js?adContainerId=brand_safety_7yvdZJSrItKPjuwPz4mFuA4&cbFunctionName=goog_wrapCb_7yvdZJSrItKPjuwPz4mFuA4&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:33 GMT
x-amz-cf-pop
CDG50-P4
age
90213
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
b0__RpRZcbHd2PoyzsgDr4JNkOYUDJbvzziMpmnxusOH47ltfrwksA==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
server
nginx
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A0D6 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
7FnVIuWLFJFGLiytdFFk3dppR7BAqcZoz7GnOXH552JDzszJlerjew==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 48D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 70EC 		831 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab9092b00548c9ce87b6bf20077e40885d9ec806064de0fdbde38827a0c06272
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4MQWj0GSxXqki6V7gBEeHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-4MQWj0GSxXqki6V7gBEeHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:05 GMT
expires
Wed, 16 Aug 2023 20:05:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F87 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ADA6 		831 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
488ab5c640acab6f4b3aa79acc86490d627f23764d79827efe2f2f613ca7d92a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jes7OsMjqMYF-iYkNeGhAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-Jes7OsMjqMYF-iYkNeGhAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:05 GMT
expires
Wed, 16 Aug 2023 20:05:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 9DE2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 9DE2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9DE2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQJAzd11_BqavwhjsJ_um25_Q5kS4Be88dLcIBRdnK97o7PStBMDMs3sV63dy9NA2CWrdQUDOG1-8d_PPXi51Caf60nvlV3hbiVmwzFdEO5-KrNfFGB3F7FDcjALiySYi-8mr5PDjjG2L4UWx5VYXqHf2PaMNSCDpry2rqQaZkOIVxDQ3A0sOsv9XGa_BKRt3x4hCDer4HivwZ1GH2a_elt7YZnhQdPN-Q5yP30-FOJ4xGwSmcD_qOv_A33CCyy7G61OdyeXIIX0nq3IfBEVNcjQjVdse9WY-MqzoytTdYZtLsTH5XtGvo1W9D0W4dHtAb_1_QUZmKO8RD06_AcmOj-IdtTX-A6Y6uyIIeL7WaagGMJiegOtawPDz3RR44aUfT2xlhdl1gpxVOGa-0_LSQcFE13cRmJ5-Rkj3eNpbILRv8QdC44IAtWPXwdjssu3vg0f9Ibovsc_WxM3rYeSMFUPtF8UC5-s7v8K8sgOLz0358ldafhkoRk351B7q48xQf2glFLdtPZzxYxcTBWtOwnmggFomT3NiQJeiZq9FZ7Fd9i47281vrmB4h-grpvsCNiz7XIzf5XMibhzn7NzgQicpk_9-8XCJDLUkZ6-qvbR7peZDBSpcgQIoCzml6t__8CF7B93mb8yDBPgVYGqksmcE63NfsF_0Bx69kNDtOAL-1nXzSEf5giddTcXj7cpo3-HWMcYv6ZeiXj70ERNW1q8C4kjTD1M01KIm2Iy9k-a9uq8_nRdnkQOxoQXJSOkGefxgXEhVMikXP63AfSQfelaLCmB7jjT_6qqr-LfKcPUAYddaVc4kCAHW6mZY5n0mEK-IW938WU6l6bu0sVmJ6ueRsJQccEpmDTsX8VJCnOu2kcsV0sPMO-UAx1YOnv_oHpAf-epnx5V-WViCjfE0mxNGxUTFnA__L1RpfuHMxFesC8tbQO27JABznTHT6kFVoL5sDbG4GZPmeWVaqoKXUx45J79cgkPck5ldAgf0aYM1gU7PbFwvW5FzMTPB4JHt22y9-1HwPagvJtZMnoLORz7BCGiS_ymm7Z0Nsbtdjfx4WMJB12qNDuTYHChySDWDXMJGUaBqbICjKQfJ3KLR1crphRAz3xQerc5QGN0mT1RbK77FaJNgat98ul8Rt_v8IK7oWNlwTijOf0zG-yyg1d7PTPFrOismQXkKhBc4qcsG-Af0px8Bxxk_q8baUyJPBrCfOJWpliGsH_Iz4axfM7A-9_mw6FyzhskLpxOwtKpPK3e11sDJsIp6d4WlJrW1DDrQH4P_Y7_SO-wmAB2YSbReVZadRjhtE8u8v4Kk&sai=AMfl-YRhLG7Z0VNb_Cqs9B9iu5CTlC9JWayGiZQhne-gBQCzw7vd9KwVmkbvVGnFgif0FSSXDABXqXIaYilaNt7I44laULtB8-Lb1CVVVqIj6RieFStiuE4ohXRL57UudO4KAr3d9dO7-yekD-tfDGeqfNUwcxn4w7uUVVerGw25Gh_anZPiDVI84R7QA0C-wBY4atqrFPmmUFNHcUssUjKKaMz-sNNCuL3Epgg3TDLAfzdDAqCbf_L43sp3HKJA7mHvPohySWk&sig=Cg0ArKJSzJhcKcEmIiddEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230815.27224&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9DE2 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
6123872096553561460
s0.2mdn.net/simgad/ Frame 9DE2 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6123872096553561460
Requested by
Host: 23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
URL: https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b07497cb04105c8e81ba5e6d8bc8096cf5866021885cb7261f210ed5ac5acbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:13:57 GMT
x-content-type-options
nosniff
age
136268
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86161
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 08:10:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Aug 2024 06:13:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 92B5 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
encwumjulb0v
hal9000.redintelligence.net/zone/ Frame 92B5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/encwumjulb0v?subid=&gdpr=&gdpr_consent=&rnd=1692216292146692&extVar[]=DV360_SSP:8&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjmYl5CvdZIT6CMaL1PIPham4yA-bpoCiadWS6ovOD_YuEAEgur7wFmCVAsgBCakCAoPpxI5Dsj6oAwHIA5sEqgTDAU_QHr24Hd5rqOxk_WOcrVY5_5UQ9kqvrfoaJ7G0_48iRh2p0rnu7kglPhgiPrrNYzyyFzZSI1Fnl_kKpe1c5gEPzw0KH4dTzxyicTieQLgrQlJu4D455ryFDjbZxXWS3-tiF9gX-0Cz-O6es9sqZMBUN9l-YhARz1Ao9fauS47oS_yAy-e90ShGtW8pGNJDHVox6npS8RH4QGibh7tz18r777eHltQuNZbG7a4_tdHgtgi6RsZwQ4iYShCkbPzjPILcxsAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggNYmlkZGVyLTQxMDAwMIAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRFyA0BsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhPzn9_zhgAMVxgVVCB2FFA75EAEYASAAEgKJ-PD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWDnSH1dYuNJU_T7oDVfMVK0jQPavfsxXo1tZFPxveVOivG_HIVEB87rD0qvfwGAE%26sig%3DAOD64_3DqcBhGPOfW_kwnFQW59MisFSubQ%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-AorqVrwoJ-J_O5wgc9FWnfuuRQIaB0GjbQDmmZV3Z8rUIsk2EuJwNZmKXgkytRr4u0SQxjTHQhZmecqZ1us5rdXncH-Xio1DcIYJG6odI908Z3fWDk78WnQcuinTtZ0Yjvoz8QBsmJmcNEnHE_vKmblPSl_F3eBTwgDP22veS_ak3D7ow%26cry%3D1%26dbm_d%3DAKAmf-BOTLn3kU5odgWK3pIi-N7n8dBgIzGtmyYs6qwnRDA1EYQXIlDEMqW8aGOIQ0Zzv_oSV8_fUup65Q3IX-ZI2GEO3_4rhkNocg1AdMp-41M4C4sGNguk1nCeKvhto0RvkrOSAJyzE3bXc3_QVlETwghu3kXQ9GHQYX0CnbKKGDXLFSi0pErh6XKCTZaWNTwsSD4UpIKOy33up247HBWGg4ABIVNWjAvIx_Pr8BWiISp0Rt9vCVWVNGwyY96hNfzT79K7YhidkkyeYh68IlS92WWjfkBfP8Q_PtnHQWz7BKt2-vpFiM0hUL_zT6U1ZVq_zDam06lISaWO_G_EFEglROZpeWlRop9LpYBzHy3wqnF71dMXs1meV0d-bJy-ZqohnUR0gzL6Kkn0sk1Efp_a5_1XzfkqMwulnx3JnHz_a8EtGKdlPWbUDPnUX9aYv5vRyOP2WpFiM0lhvNttBHdFjIxJF75m3WKvmNtsYvoT-vHog2oFZ6Uz3zRgpLGQXDumQnp7PBcVPE2jlMowit-lYnJ_wZX6zi7kg3pAian0V_QybxkAbw_WJmJupmf6RdMEA3GPB_gbFCde9q-ZlGrU8GzmGp4UHA%26adurl%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
de4820d131255c59a3e43b25b0234546ba27dbb80a4b8d32d2404ebf57c3fd45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4175
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7538 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A54C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZLv95yvdZOGECM2QjuwPufqqqAkAAAAAOAHgBAI&bg=!IyClIHTNAAaiGN5Pghg7ADkAdvg8WkNPpa_WDJ0ZsJi8Mkc8sdgoB6OsBxSHWETC4-d7emar870MxwxGoYF9aPuBh3yfvCkjkRYCAAAKWVIAAAAIaAEHmQMD6hQb69A8kbgdJRrL35pMaCXNpXMvP-TUPhj7Xmzdao9FoBfMJvaOTFHCVIwTIFLm1wypD7FbZK7Jh0tilPEdh8DnZwC13SCj4LTWE3Yb_GkUkuNzSR2qi2p4DWBziD7HatuZzrfnhOt3uK1XVfvvfVoz8bYzLjfsiEyp-GQoRBxv5KpmMrf80xRaqTXbb1MKRMWhzLLY2iM1RIyFFtR_EgXa1meNneiohaq8T8_oPVYgjryBrM8940yOkNb-RVGLjHL_i8ltYDu17D_mPlcBmI5Zhu6SWYct8qqTiJ9OHPNc79ONyMDASkPrhFstaSGvar_c6I9dXF0cv7ANc_1OEtNEfEIP-yLb93qlaG1qXFWDMLU_6qyYJC-pUuvicJqOOHjWWPfdidxXlZ4ZA2qYyvOuhxna8fxRclmU1RfOrONdpe_xZZkYmhxYtwaS_cOatTJ4CKvh4ZC-zUSIaIZ3hvGyEvc7guPfAyHT9g5hNWSUGf79BOQXUJsCk-JD4LUBnEFJlCeUhBzwbkcpQcgCJn5XDmeQvP293FdfjWb9Enl6-VSN1gEvGkn5o0gX2FnogT6zGZ-FkuZs5ohUAHSEjafTILngbkHqkjfhyEPs42yUfXWmUUlPp1eHtK2XaHKOcScUfCIrBfiJ_xVKn0Oa1NlXU1OYCGmiZHD35ZGf_jZVvgxP3pbx56CulwW56VpwlMUqJccdXfw5gQ5Vv8xtoi9C_V2_sezuhNyEqFY4l2G8fO9yURpuSvK61SIpUwX6ta-aHZm9IexvqzJ9CEC2KWLEQi4soqyeNNafRCMMug4f_hvkC7DjFkJHCdlZ1e1cjC6MceXzYCQ4oMTm5FHG_TPDV6nckKA1yHld7oBVU988-9d1VpEjkGhVWHhOq9f6nHjPQS-UN9OpfvS9ZDvBOg1jAmM2HjSLpm2gNXS27G8RumBTrPiH8uZPc6EPf7eQHU6peg4U1YgmHt_1WeiHCfYhlRMrjoll45UmLHPJUYGGwhlq2jqzOWujLWmgNU41GS4v
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 92B5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsto1-SIY8zCmoCOo3ElFsrhxBogJK5zH2a36UvuFGPLnuyq9YkAlSaB0r5a2_hztnUWen2SQI-PgTxPDFEFrh-if6wbQKS0qDtjVDQfc7MjwgHI3xesFcDBndUjHfeUtzFMs0lpuYYnuouFwpQpAZdglASIdVv02NTXvqkJJtTwG7xcfXROc3NA702xdJqwMXFoYebaTruLrT_05OydMKOgU94fU_HzVrjGEhJcY7mThcRgbsExcnQx3Cb_qEdddzTCjOrGZz6jdA57iPL_YD9YIo69eoqgUopZBq42gC_h50UGwcOvjnp0VsYA3viEgW28dp0lD7ZU91R6PH-QAR9X8VM&sai=AMfl-YTZ2jgit_WHWe1_ogXn58SWxTCcQ69unc7-sDlmqAl4GKpg-rL_7uzXkgtNwFOopJjbOHCmS6A9d23FbyY9U2tKIZVLGTajmWmuaKdWwgBMiX4ShC0zHRONlBpm9MM&sig=Cg0ArKJSzHcVXMtaSHhNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:05 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4274 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C26 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:05 GMT
index.html
s0.2mdn.net/sadbundle/5401670607341155244/ Frame B000 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5401670607341155244/index.html?e=69&leftOffset=0&topOffset=0&c=4b9doB8sFh&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
759
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:05 GMT
expires
Thu, 15 Aug 2024 20:05:05 GMT
last-modified
Thu, 22 Jun 2023 09:01:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3C26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssAsnwOPCI_ScvxvxtTC1WX_9VCBj1YkR-2A3foKratGYq7hnziYnLvjKaoMRUhejZdiI1GWnpTR2Ymg1P-cQnlsFDWGn_BRUYLvVskWAlVoBmbwNWzX3IHtxXO1aJudcXvcIZ9po_sKgSJbekKiXrCrxrMNZTgVXvrqJd3FswU54hO6bt61-PA07fclF5xRm8az5bGugNTbZMdpTv8ieJDRstvRD1-JARoGQy_udsyaj6pK1yS4iAgqXB1xMAMywA1dKk3caxhEZbqclZM1ifC4QZAnZWUnh9XSx4PHViP3uarhH6-SIjW0IQld2S3FBGiBWsMMcK84XPNJnvub0mK5OKhwOfFjpojtzByaX1Mc5xfkLcwJNbfU97OkJsOX_YiECwMLviCAY9UC1g82hds7JJSPGDkIN0SnyegyMw-JL_jAIlZqwYY3FSXgpUGapH6gfSQhfS7X-ABqO3b8Y4z0ocgxI7j2n5y4xlAH9IzYDEunr3_xk_e9Tnx1DXcdHAzOTctbtiPmXjMF6A3K1SJeSEzvK5-eg2iuQWuDEoOB2kmzw-FZ4mEY4H0P5gzVq2ph1Ua7MZ5kHJfz6wl28dGPvLysaEP8bwDDAmXm7PG88Eww1epESD-96TQ7IFNHL_3d5ivOpNvkn9ubKeMGwkqExNHbBRqvm493IMWEx55dQ6R7nkE2-3woAJT9XKr2m_9XjPifGx4OUJn3NJmDExlnkAr8GJNV4qWCrl49lCVKtlFWKZHZxE8IS5_sHP7PelQ6mYgoX0pgRV4wOnK_IlwkMorCLV6GPmqcQUPTqc-EKZ1M0R4wk6ZV2_Hl_L_rC8ckCC_2BLyI7E7voYi6ss7jqh9z_x3rZQHthstNCiFDttBa2zeo86klO9XA_9fLGq6AdzZadRSbHUv6fm3slIF-5r7dl1KLy66atW_ozSpDIP68nQrSpnYasE_w1Ria-yJV-XBoLRMV4a4aROs36F2TN4sGYZQBL71psCT46CDNo36U5jjBRNStqLd9DjElN62MqKi5Cqmn8TTDi0G3r1up-Z_GC0jr4_qfIQuCFI1QcKYDkoa05G17_SMSkQZQDmLuWsFGz53rLJnf6ZHFL-GE8GAfpE0rfW6ILmJO7oMJ0__Y1tHfg3KWw40ChU9XL-2IjwpkQxHl9WhNx1BttxY0mwPEH30rtQOStAgo6HiTGAZhK31QLbk5S2L575fc0IFJX0NQ7v8JKllKYALQe4xQ-zFvUNmgaAbxo0VzfdxIeAeehZ1YpydmE7WMwgJ69bDoo3rsWT-4pPBGuYyQ6rGqLs36uoMg&sai=AMfl-YSJeaMnRM7RH9i4Le9fKKNvGTQXFsB9N_TSXH7ov0iSF-QFhLXe2eeoqqMB9hyiN54yk8pjgGbIJ2dGDtbvOj7QkKoIu1tA4ROL_xhyOcZFAqK2ZkofJEAzJpFWMvmS1wX1NTis3k7DvAg1bRAXnUsQ_-CgvuE8kgXmu2KE6BSB0xFdtqnQTpDpaj7hHewgE0wirFAv8CkbkfnEMwBj31ezOPnO8rW-Pf75Oo4&sig=Cg0ArKJSzAvQUn2dy-FuEAE&uach_m=[UACH]&pr=8:16C1C9615BD8B7F0&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1072&cbvp=1&cstd=1060&cisv=r20230815.72996&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:05 GMT
truncated
/ Frame 9DE2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83c341143c93c9a3c1fc4f7899453ddd139da0dfddc4205b09eca9c79e88b49b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D6E 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCjlq5yvdZKeEF-6ZjuwP4N-juAwAAAAAOAHgBAI&bg=!hIelh9PNAAaiGN5Pghg7ADkAdvg8WgAPT_RN-XlSQCvks5YwlpzQdnrazuxDoPYoji8o4RF18Rs-XI915X9YqvIMrAtGjFW5LDwCAAAI_VIAAAAIaAEHmQMANZtGyT4KCazQ41wt51qYcmTmbtrs4MIvtrYydWgd70fnIeKxAU1egY--oUyQEPfyAL2wxObBwbGgARfbUrHLKCyvpk4gPCwPy8S0eVo9-fCfkPiEPv8fF29SY-nI_QVK3caY0QLFCMnZr6YJ6Rze6hcE8Ycv01CCm37SezBwxBLud6GcTzKbLajZfcvlGmT_yMZma3zDRe8DXo7O0_Yos1DGUxHLaO2ErElsy3knvZfkI2k1_O0Xe5Ksvd9j5WGzPQS5q3JXsGLeGjCP157ms9VUF4r_veOSktkrnMoaMmUlJr9IPuNTxQZjOPQKXOeHk8bvJN6nNf7EgFpXqDnbWc0TJhWW0G3a8vbE9miD85yNqq-f1oRaIwaH4IkOCrS2GCDj2c6d3rYr71osaN7yQtwgteaYWQzWTRIAru6XKyKIqEjtIwf9UFa2aus22PwLBcdd7G2HBQR6P4O1Dt3rn_pG1kE5TGDGj19qQH8TtnnCKBtNZAdNXvckHoo63lUYsT668HptQ7WCShNZgZzUtKw2t2MnajfLRFhnu5JXCLzvbqYBWxJUqfJOFoKf3RqrTx9BVgFEWnGybLNcrJ0X1QhVcWpjSymQu9C8DtMZ5HHDV7H-3xBdpOIHtADQEcrzBsZC1QqOBqaF-OcXUHfFxdKsOtFaQruxK29o7hefpxMn_bNot_oc9UAcQ1WBbApHetOlUYz9vm6CeIGqtvsj9Jt2Nju0B7bJXWZHNPIZd_IjaVORsvr-va6zVz9flUOJsrjIeOQ_0_w-Cj13r6st7nJ7wyVy4y-fdyO71gyaDS1XT5TXDrjO6XErkvDckzrNmFTo2y5B3hdm3HP4qzLqX-TCJiObdBA8_fOa6AIg-D-xMjWNih2pLpqfEanB4E4QYLdJGgQVA1ruuc9yH879vSTaYm4cQlMI8Nr4yK5jN5bZBz-1pY5dlHLDAnrhdOPT8-oFQFY9KozS2qSvS3VHFn2-qHr3N0BZJFfQW5OyG9lW8RIfo008Z6Mw-kryVeSD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=f7a09c62-47bc-5393-e913-194b84f75e3e&tv=%7Bc:lurNLy,pingTime:-2,time:425,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:2617,mdZ:2657,beA:3290,beZ:3291,mfA:3293,cmA:3294,inA:3294,inZ:3297,prA:3297,prZ:3309,si:3314,poA:3319,poZ:3344,cmZ:3344,mfZ:3344,loA:3526,loZ:3528,ltA:3714,ltZ:3714%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:425,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:353.797.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B420~0%5D,as:%5B420~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C196%7C197%7C1981%7C1982%7C1983%7C1984%7C1985%7C1986%7C1987%7C1991%7C1992%7C1993%7C19a1%7C19a2%7C19a3%7C19b1%7C19b2%7C19b3%7C19c1%7C19d1%7C19e1%7C19f1%7C19g1%7C19h*.1549653-72464743%7C19h1%7C19h2%7C19i%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b341%7C1b35%7C1b4%7C1b51%7C1b52%7C1b53%7C1b54%7C1b55%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b741%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b821%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1b93%7C1b941%7C1b95%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1ba3%7C1ba41%7C1ba5%7C1bb.987057-61527017%7C1bb1%7C1bb21%7C1bb3%7C1bb4%7C1bc1%7C1bd%7C1be%7C1bf%7C1bg1%7C1bg2%7C1bg3%7C1bg4%7C1bg5%7C1bg6%7C1bg7%7C1bg8%7C1bg9%7C1bga%7C1bgb%7C1bgc%7C1bh1%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:19h*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:24,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDS.B_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDS.B_0__container__,mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1_1_ad,mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1_0_col,mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1_zone,mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1_zonewrap,mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1_1,test-grid,test,main-content,page%5D,sinceFw:395,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ Frame 6B57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=2669857178375524&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 743C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BU4Ty6CvdZOjPBJaGjuwP6sakmAEAAAAAOAHgBAI&bg=!trWlteHNAAaiGN5Pghg7ADkAdvg8Wod8ZKA2qoxuIJjEukIMfNcFb33rYtmXudEnJOIXY5o-Ia_tENYsIwdQI6Oj9VOgvokEV7gCAAALL1IAAAAFaAEHCgAJoff66qyFAXmXmQL2D3h2MHEGn4n4WQpJF1HYQEGko5xY48sTxkSwvHGZcEdkRpsyJh2_Y5Y_s0WlUeQKHQzI5G8rjskVUxD7_kOox5VsLgfffPeSMZmosN0SkFAUXd8zYndrkMBlaaYdYovGED7ZE3bf5EHwdmLeS9DHJi9B1Io2iLHsV7sHs4vabntstB-_vhux_LThQDJ4gghDCFhmdzTuFf7TZf8Y8gbBi9RKJYyxvrCY2Zqcy3J_Xvs3QvQsoS_79BH9jI1CrH-SVMF801Uj5UB9lK-Amdnjso3tgInHlCNObajZXUzTqLhqhydygUYWBwIET98HN8o4l22vqQZ0eFf_8pKr4TQBkWjV2HrMM44ugX0ZzGDkR5e5ZsD9vYRKhLnyD62V2FRnDKTu6fh6NirD2MA0K7H2EvawCsEqOvM1bxfQxCH-PeH5x1OnwRC4-7SeVsEZWUNDb3sswvY4pmCeK46jLW0psc9avz94uMoRngtNvyuN4Cjgpq6RceAx5l55NGTX5Di4wPtkI1p-MWp2Nblc4CAFNkzmN9yqVv2pNY3jszcNxnxmuZPSsGx9IBSr0rTK1Io6K1yfU8OPc6DnCh4wngN6TeoXk-fFUQ1efaH25HzFvlNA8XBec3uX7W6iCk_v9FcEI60lgvb5S8QpHSXIQOazdVvzcOhq_qiRN5G0jZ8g0wbnTzlB69X3BvJjFsOF5tTwsfLRgRS8v5EYk8YREx0cYA7zTyOznyj7bgZv4k95y1moTwCfBNE8QWJMQRtBZ0P1ge4q-m0uTgayJVfx8AVNQWEHVymEI9OGqC4ogOx2CEYt1hmh-7AnZiAnD1fZM0F1EjUKVnDUlXWWwRLqRRgaSyum44oQAsyZiR1dwQcrcyuYeUAeGnIfW8Xa3H-xJSFYkYyQqVJvP5_EJpdffav7DIM1Z8h3XVFfwn9iG9KzHzfdJdyWTJuQmsR-YZIdcBoSqawmjFS5iFbZf23tJyMtB8yKS8LzndTZbNfpEz-7BkQnx1BH9KU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F3C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=1969310275089779&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A4FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=895952461367659&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
Pug
simage2.pubmatic.com/AdServer/ Frame A428
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 20:05:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pub
matching.truffle.bid/sync/ Frame BF5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 16 Aug 2023 20:05:05 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 22A0
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A317FDC798E84381B009CBFACF0D0DB6&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A317FDC798E84381B009CBFACF0D0DB6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 20:05:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 16 Aug 2023 20:05:05 GMT
expires
Tue, 15 Aug 2023 20:05:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A317FDC798E84381B009CBFACF0D0DB6&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame A2FF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1692216305798
  • https://ad.turn.com/r/cs?pid=45&rndcb=4076660904
  • https://sync.1rx.io/usersync/turn/2658299185019424115?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-a1a05b71-a586-4b11-a381-95e34e157a60-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a1a05b71-a586-4b11-a381-95e34e157a60-003
42 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a1a05b71-a586-4b11-a381-95e34e157a60-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Wed, 16 Aug 2023 20:05:05 GMT
etag
RXa1a05b71a5864b11a38195e34e157a60003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a1a05b71-a586-4b11-a381-95e34e157a60-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame E374
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6671895379648701912
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6671895379648701912
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 16 Aug 2023 20:05:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
an-x-request-uuid
513e32d6-543a-4c9b-8a53-f1643cfed39f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6671895379648701912
x-proxy-origin
178.162.209.136; 178.162.209.136; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9865 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGmLv5ivdZPWLOqqRjuwP2ruE4AMAAAAAOAHgBAI&bg=!19Sl1IDNAAaiGN5Pghg7ADkAdvg8WtPIveUtY1MMT1tmwetC58ATiJSYtNpqc9dta3L1MsY6EqZxX2aFof21wI_CpF5RjGVs650CAAALTlIAAAAGaAEHCgAmxihdBy-whAnyU1RaAwGSqXu30zmaS4KCNZe2YukEUyUnR_MzbSmZAvTmr7e8R1uTDyt44JIqDlBihqgbA7yVhboRol51D9calUfVFKaLSxUdUnNdKHKttXN2SxWFATPrrkmR64_rb8DijNLg93OycGIDYJAV_vdiIZKBqvHgedg9Nl-rkAOdIu1K9qshfyU-r4XEfhpQa682Ik0nO89F3Qcw-xNi8FYORH9doB-gro63CWD87gemDooS2pmIZkyS5gMUxOM_pqJT06X4elbqYgyuaPGJSQ5xMwaU767fVoJuVNfGUvT-iuOqBhLrfkMakVrFQTX2iJXsre55YdnTqSeo9qA1nvGz3_S9Xcy0t4PW9ywNOWdWcyhK4nNqysGipTYYdl0azu6bKHwdFEhJgh6_BODbLJ0lpYmwL7Zx3-7TnAZT4iAo4M4St9IuoqOdt6dMkBuCSIdC-33MEZv4oNTFJRMUyMZyGc6AjhRqb3CkZMz-cA2JSADjX-bxvSLsT9doDaFONOzgpWHitADZBc5CTtjcsSUCAMnnKkefYu_6ufIU1nnd_HXf5oQ-ESTIunw52Rt6yGTWmlh_0se6lBqC8ESTM53IH2ytdCpD_euvZ2VQWLBtP3imSbtj2usiGloo9E5ZH75d4Jgdz69aesVSNWnPJxiZD4xVig6bpfLAxkRkQ7UFAyPBZs5CKVzli-iGHm1OJ78yDwdzF_YHtBxDMYsi0JQp0EVyVdgllakejETnGYf6FINACj2mfYVeyPZgSLbgkMeDfQuaIwuNFTJ-f8957lVcXBmYTwLRjje_STG6FRCIzQw__WXM0wRsPOc0bUeVlYRUJH7h_vMLt03c1DlZaCr272viIRQfrTOrvok1jrbbpRWlSMwQgS1ucE8Z_OA-S-5SLSl_6dK-fx6X9hgjU9EK9pxiCry66rKWtYE58kgNj-ekkTxqJNUZsYKsbJSg-_qHu1RDsq4xP2RwUmET6MaiMDy7MPJZOgfFxBzF8FaLBaBTcs_3Wt35XlBHcWB-JFKa1nzejs23T4o-78gOqHMA7aGRIT8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C26 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMy4e9cX_EtxdOf8QqGZ2a1sL3tZOy7ERYrO8_OgrlEz86gMxpNElYc5YYfdPxcottmtYJPG20Zg2azh5Rqkx3RLxt2_CKPYy6vuey8UjGuR4wrZP7&sig=Cg0ArKJSzPIw4FEnsVehEAE&id=lidar2&mcvt=1127&p=796,353,1046,653&mtos=1127,1127,1127,1127,1127&tos=1127,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2460199046&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216301998&rpt=2645&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9DE2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQJAzd11_BqavwhjsJ_um25_Q5kS4Be88dLcIBRdnK97o7PStBMDMs3sV63dy9NA2CWrdQUDOG1-8d_PPXi51Caf60nvlV3hbiVmwzFdEO5-KrNfFGB3F7FDcjALiySYi-8mr5PDjjG2L4UWx5VYXqHf2PaMNSCDpry2rqQaZkOIVxDQ3A0sOsv9XGa_BKRt3x4hCDer4HivwZ1GH2a_elt7YZnhQdPN-Q5yP30-FOJ4xGwSmcD_qOv_A33CCyy7G61OdyeXIIX0nq3IfBEVNcjQjVdse9WY-MqzoytTdYZtLsTH5XtGvo1W9D0W4dHtAb_1_QUZmKO8RD06_AcmOj-IdtTX-A6Y6uyIIeL7WaagGMJiegOtawPDz3RR44aUfT2xlhdl1gpxVOGa-0_LSQcFE13cRmJ5-Rkj3eNpbILRv8QdC44IAtWPXwdjssu3vg0f9Ibovsc_WxM3rYeSMFUPtF8UC5-s7v8K8sgOLz0358ldafhkoRk351B7q48xQf2glFLdtPZzxYxcTBWtOwnmggFomT3NiQJeiZq9FZ7Fd9i47281vrmB4h-grpvsCNiz7XIzf5XMibhzn7NzgQicpk_9-8XCJDLUkZ6-qvbR7peZDBSpcgQIoCzml6t__8CF7B93mb8yDBPgVYGqksmcE63NfsF_0Bx69kNDtOAL-1nXzSEf5giddTcXj7cpo3-HWMcYv6ZeiXj70ERNW1q8C4kjTD1M01KIm2Iy9k-a9uq8_nRdnkQOxoQXJSOkGefxgXEhVMikXP63AfSQfelaLCmB7jjT_6qqr-LfKcPUAYddaVc4kCAHW6mZY5n0mEK-IW938WU6l6bu0sVmJ6ueRsJQccEpmDTsX8VJCnOu2kcsV0sPMO-UAx1YOnv_oHpAf-epnx5V-WViCjfE0mxNGxUTFnA__L1RpfuHMxFesC8tbQO27JABznTHT6kFVoL5sDbG4GZPmeWVaqoKXUx45J79cgkPck5ldAgf0aYM1gU7PbFwvW5FzMTPB4JHt22y9-1HwPagvJtZMnoLORz7BCGiS_ymm7Z0Nsbtdjfx4WMJB12qNDuTYHChySDWDXMJGUaBqbICjKQfJ3KLR1crphRAz3xQerc5QGN0mT1RbK77FaJNgat98ul8Rt_v8IK7oWNlwTijOf0zG-yyg1d7PTPFrOismQXkKhBc4qcsG-Af0px8Bxxk_q8baUyJPBrCfOJWpliGsH_Iz4axfM7A-9_mw6FyzhskLpxOwtKpPK3e11sDJsIp6d4WlJrW1DDrQH4P_Y7_SO-wmAB2YSbReVZadRjhtE8u8v4Kk&sai=AMfl-YRhLG7Z0VNb_Cqs9B9iu5CTlC9JWayGiZQhne-gBQCzw7vd9KwVmkbvVGnFgif0FSSXDABXqXIaYilaNt7I44laULtB8-Lb1CVVVqIj6RieFStiuE4ohXRL57UudO4KAr3d9dO7-yekD-tfDGeqfNUwcxn4w7uUVVerGw25Gh_anZPiDVI84R7QA0C-wBY4atqrFPmmUFNHcUssUjKKaMz-sNNCuL3Epgg3TDLAfzdDAqCbf_L43sp3HKJA7mHvPohySWk&sig=Cg0ArKJSzJhcKcEmIiddEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&vt=11&dtpt=326&dett=2&cstd=0&cisv=r20230815.27224&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:05 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame B000 		120 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5401670607341155244/index.html?e=69&leftOffset=0&topOffset=0&c=4b9doB8sFh&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5401670607341155244/index.html?e=69&leftOffset=0&topOffset=0&c=4b9doB8sFh&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 07:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 07:39:37 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B000 		0
0
script.js
s0.2mdn.net/sadbundle/5401670607341155244/ Frame B000 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame BAD3 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpxK55yvdZLubN-2RjuwP5dCogAcAAAAAOAHgBAI&bg=!aWqlaj7NAAaiGN5Pghg7ADkAdvg8WnGvZCu5Go-Zwk3XIzjMH8PhAmgIMT62pu9s9TdIkPn7Evi37UOcbRzLWpQHc5zgArDxWi4CAAAKGVIAAAAFaAEHmQMFK5UiMFLy7uj0HX7PG3N9SG2cJs585KRkhFp8pYKcR2KGdm4Ja_HJ4-OlRsWvcqQEQcj2JSqH5_KhQYAX78Vwa_05bHRzglkgk4EimVDK7FKamc9YBY7vIR8Xoo7pZ9oLcFMzRdNVqcKuI0ojeNw1HRWUy3f6QhYqvTikQMNFHNkqRkpUP8tv4vTTIbJ71LogrMY66iJCg2YjeQB5rJU59onD61ZktwlpDksVM2R2QilKO4vSGRqJL6k63RzaJfBft4fvoXb8Cs-z1RrFeQFKmOJc4wcbx8FId9hKLdBL4Rb0qyv4Jo2ORCsoj0TtEUsCdaNZwEM3-WYohd8ApLMfB3sgrvk4itjGz_QNSQw1PU-AwgtQ9KQC7v7bFupFmDNKqx-aC9SM5Iky96P2nZToIBGkUBQ8AySYI7goHdm_HLIlSmSvV323_emXETnTrNlZjtPksSaDWyj6ybQ2W7NuRKWm-fM55Iid9qLTLko1GqHsSdeRlDqhyE4UH1oJWbh2SZgU7b3bTQBcr5umjNPPi12Tc5FJ1hi9I29odmZkt4xZryxcTkbFdQvg4MnpEde0M53rXXvaioQGQQ6u7OXL5qUI6-sqcCWZr2xwe_OPmu5iiGyHSJo49NsBQbqkbZshfsHaMfIxX3V_jRrjdv43tZYfGR-azHxLnmj1ZX0c-EP2Cf7foziyovZppApkZWI5TfNwrF4Dm8_v1mCqmknxL2ZnjM1TRr9mtcHeoralyMF7af4J5zfw5VfZB24f_cB_WyKOg82occEuw98xA3hpyO50eeaUvv71kQzKttakRw6c3wQM5sCtZGvXgPJVI1D8iRc42yULVHTde6Vzav8L3Cn8Nwexg2agYLanSVJrCdZpGa8e-6utX0jnk_nAsAC6SJsUFOm__ZEP1-AV_2jhc2PmkbAukkHql66J77aunfQNT1vx6gpycnuZ3X1O6abz0hMhlgqaRE3A8Gyz9Hk5ei0b9BADsL_R07lducP3BB4QmYe6Mi2CtlVgCmMoXrwpe1_dOvk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 937B 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0FAE 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=2565796422&adf=3171372449&pi=t.ma~as.RON_300x250_House&w=300&lmt=1692209105&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692216304480&bpp=806&bdt=1474&idt=1383&shv=r20230810&mjsv=m202308150101&ptt=5&saldr=sd&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&correlator=2644579801145&frm=23&ife=4&pv=1&ga_vid=1630745151.1692216289&ga_sid=1692216306&ga_hid=1589938928&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=797&biw=1600&bih=1200&isw=300&ish=250&ifk=3226943779&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31076877%2C31077148%2C42531706%2C31077111%2C44799580%2C44798323%2C31077111%2C44796312&oid=2&pvsid=368999286145811&tmod=1880137617&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uq3o2kw0ca96&fsb=1&dtd=1394
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 0C2C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame B317 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 4472 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3DC1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A706 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bild-6SvdZNTQFfKcjuwP_-Cd0AwAAAAAOAHgBAI&bg=!V1SlVADNAAaiGN5Pghg7ADkAdvg8WqMKE8rt4hQf_128F5UmKwKanyecQsfLTUIk-6agNX-S8iNjjvp2jxcPekyuspvfAEnWV6QCAAAIjVIAAAAGaAEHmQL3e5oeiJ4GaBeTjftbvyGaGRhtYX22GEXx_EJj0Kj_cBb3fZbTU710gWT-_nbCqLcwlMBXYn_mOnKWcqIn7hvXzxAA49RFWsz057bfiZJwfAqcxYTyb-_uWPs0ZnzdVcBg1p9H37wV0qSn44A0Y5B6NJY7OPoFS69Sgm1w7PFMK4OvxQilUxJnEWsX3GpmL1n1YrLH2pw9WRqSQoE6wmO0Yz0LYY27FdwX9BpPEpBsAfCFtXmgTC0CQxdxfeKCHAGVYCOA1yq-PT_3_8UO1mU78-Xi5OLiupTIlF5pzQoiFBnRfodvnnXVpp1UeQ0ow_ySOsUNp7a1HF56geaejncFdieKeRm8OxkykICWtwqD8ci4I-cL_ZcPegRBAuLqT0uFtTeRgYwSWWiieuL4lsg4_LnKDzqKxQmnktJxwmZOTMTe-KSpwnxonO-qOcraAq65Ku9N0Xitp6tOsijskTXZEea0VsglQv_jLQ5UYTmSnlbQjakXspEkpqCgQBVM0P0txMQrqSmxmjWmNWRiq1p6BXx0m8pxjoN3pS8Fgy5lk3gx0AEqM-6QpichxJaLEWOY_1PzKvKZtyraKx_zV-dL5UO9vf6AB5CBBVFDjjC3LEo5b_U3M42Tx-HwyWM8ken9Xx1dPc9mGqgWKiB1QQA62jbWqpBTI8toefqZWhZ8gIALPWo9Fa5i-EkNDcFln_oSjgDEJAEagvOaUDu9_8L6qskQr2VELHprok5IJLhLwQo1pp2JzfNK7tynH18cUGM8Ez2DQcK-bjwjRNrQvejT4nz77UccGITXDhwCo4WQffytR-wcNI8xWCGTWn9hLrN1O7sKgAr3TDFIxWe0YVrTE0BQ_IASmnpm_vVNmAZOIck4rhEfUgb1x6MGxl7IhjpxbB4pd8f-PBsBt8gJRVuliByRtgE4-JP6ZJgk3FzRd1ShNBK3Uat5deQSWvWpER3AK4qcwZ8E5xiS3meWr-bdTu-iVgaGSU4gIKZ3oM1bn0_FIGm85pCs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D77 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 35D4 		831 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7457d96ab6720b3f9850e9ecfbbbcf0d02091d96820ee84f4b501e2be250b3bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-U5ylmUYrGyqaaAbBkX1OcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-U5ylmUYrGyqaaAbBkX1OcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:05 GMT
expires
Wed, 16 Aug 2023 20:05:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
googleads4.g.doubleclick.net/pcs/ Frame 3C26 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvin04qWS6MYdSmafvJlID6XhHcjhBjc4D8KApQh9Na14Yb3qAIPStqXyxsfbvLIG5zW7ZJMVLopMHMAXCl4uYuszKYwzhHAUTPJxNzkNoD3Oc2sUDNAV_UXjWLGASNVuFX17GqHkw_ana4FXyKbynGgM_Mv8IzPkZOD9oTqVO_yAEBUqdOUkkzJ8llJvMjGHK4GauFMoHhdVWXOOo7hvmk&sai=AMfl-YRN1xBJXHrog2-UgWZDbpCV8vPz1QCE_ONPTMAKkPQ-jndowRjLf6taDc5UKfqbQHf_VyK_TZ9qko8VjqIOcVN3BLtdn9y6JyCM8Mo90n30OEDkw9cFFvhYUOzcJLqeBGE&sig=Cg0ArKJSzOY4sroEdCApEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 70EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=2736541321062988&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ADA6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=1131171187450178&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
request.php
hal900012.redintelligence.net/ Frame 92B5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=6027289109&subid=&uid=15e867c2faed2471&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A8&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjmYl5CvdZIT6CMaL1PIPham4yA-bpoCiadWS6ovOD_YuEAEgur7wFmCVAsgBCakCAoPpxI5Dsj6oAwHIA5sEqgTDAU_QHr24Hd5rqOxk_WOcrVY5_5UQ9kqvrfoaJ7G0_48iRh2p0rnu7kglPhgiPrrNYzyyFzZSI1Fnl_kKpe1c5gEPzw0KH4dTzxyicTieQLgrQlJu4D455ryFDjbZxXWS3-tiF9gX-0Cz-O6es9sqZMBUN9l-YhARz1Ao9fauS47oS_yAy-e90ShGtW8pGNJDHVox6npS8RH4QGibh7tz18r777eHltQuNZbG7a4_tdHgtgi6RsZwQ4iYShCkbPzjPILcxsAE0aLP1IAE4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggNYmlkZGVyLTQxMDAwMIAKBJgLAcgLAYAMAaIMDCoKCgjktLEC7rWxAqoNAkRFyA0BsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIhPzn9_zhgAMVxgVVCB2FFA75EAEYASAAEgKJ-PD_BwE%26num%3D1%26cid%3DCAQSMgBpAlJWDnSH1dYuNJU_T7oDVfMVK0jQPavfsxXo1tZFPxveVOivG_HIVEB87rD0qvfwGAE%26sig%3DAOD64_3DqcBhGPOfW_kwnFQW59MisFSubQ%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-AorqVrwoJ-J_O5wgc9FWnfuuRQIaB0GjbQDmmZV3Z8rUIsk2EuJwNZmKXgkytRr4u0SQxjTHQhZmecqZ1us5rdXncH-Xio1DcIYJG6odI908Z3fWDk78WnQcuinTtZ0Yjvoz8QBsmJmcNEnHE_vKmblPSl_F3eBTwgDP22veS_ak3D7ow%26cry%3D1%26dbm_d%3DAKAmf-BOTLn3kU5odgWK3pIi-N7n8dBgIzGtmyYs6qwnRDA1EYQXIlDEMqW8aGOIQ0Zzv_oSV8_fUup65Q3IX-ZI2GEO3_4rhkNocg1AdMp-41M4C4sGNguk1nCeKvhto0RvkrOSAJyzE3bXc3_QVlETwghu3kXQ9GHQYX0CnbKKGDXLFSi0pErh6XKCTZaWNTwsSD4UpIKOy33up247HBWGg4ABIVNWjAvIx_Pr8BWiISp0Rt9vCVWVNGwyY96hNfzT79K7YhidkkyeYh68IlS92WWjfkBfP8Q_PtnHQWz7BKt2-vpFiM0hUL_zT6U1ZVq_zDam06lISaWO_G_EFEglROZpeWlRop9LpYBzHy3wqnF71dMXs1meV0d-bJy-ZqohnUR0gzL6Kkn0sk1Efp_a5_1XzfkqMwulnx3JnHz_a8EtGKdlPWbUDPnUX9aYv5vRyOP2WpFiM0lhvNttBHdFjIxJF75m3WKvmNtsYvoT-vHog2oFZ6Uz3zRgpLGQXDumQnp7PBcVPE2jlMowit-lYnJ_wZX6zi7kg3pAian0V_QybxkAbw_WJmJupmf6RdMEA3GPB_gbFCde9q-ZlGrU8GzmGp4UHA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ancestorOrigins=https%3A%2F%2Fwww.idrlabs.com%2Chttps%3A%2F%2Fwww.idrlabs.com&random=1908146515862&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
01b72c274ed4111542b38568fcd696e04f1ef2087425a6db2e146a1c581f3afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
25730000167160104444640012418012
Connection
close
Content-Length
944
Expires
Wed, 16 Aug 2023 21:05:06 +0200
view
securepubads.g.doubleclick.net/pcs/ Frame C04B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssS1stP6lEmZBD2EbkByqYpBj-Vx6R5OQPKjmQMKBHeXGhjwyf7RZn9jl4yEftpsICt3LCR233zImUkpu2Sib-0VAUh3h7Y3yLlbPmA0DW6dEYXG9semcP_qTBI2qRfRrOEObzjY0ukz1ftiQNIoKZdKTE4Vfe9iwwxlmvooCphfHpARBcVKpINR5nq0fcPH6rdA02SZYtIMcl2gzOjIO9JPc0wIMXhFDT5iEjDHQ30RQH3UxgajOPry_mDz0ddCXHBHHJw6qudxwnyTh8gQ_rbMpTB5gOldC-R6RMm6eYjL5B53yUJpVXjp-iE331A25ELniKHgo2cCKqPIqR9xgz9g&sai=AMfl-YQrU8dbb4JNjCsM7MT35EMhuZ4vrbdXqVYfgXcmamFm1JObqVEEE8dIHxq1AvetoD_Fwr4IcCa5aoEdsRz0zar2R1lYfKBmQ73ZHfnRW9eHXsbEwBFnkB0gYQatV4M&sig=Cg0ArKJSzHWRrgCssfltEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C04B 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31077067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5d1b2751cd1575f460daa73b56ef210366c9e3450259cc39669ec92e965ffaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11949
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5363 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqsXw6CvdZL29DrODjuwPgJ6rwAcAAAAAOAHgBAI&bg=!CQqlCl7NAAaiGN5Pghg7ADkAdvg8WsXCPflm-kLj7_c1Q6njeb_sqoZMf0G74-uRL-glsXwKRU3EsTeD8L0SoQvjA-gyytgXAYECAAAIglIAAAAFaAEHCgBwL6oiRUWqQLiPXn5Nlzr2g_AxjM_8xiSZZLVqi3igqHr-LTdlfLsyGPiX8pNLC9-3Irf87oh1U9hYmNopdM4Eckr4wqJEcFwt_UbhEITWHlV6OiFKzWNxNy2KCSMXqBjVjgbnbMteilS0r30UCoFer5kDBSy7cb-oX5h7PK7T-GpPSg3sxu5TEfce5VgORKQXlf6o6TRh90otk8Ilm_SvTYWnR4sPK1w8fDgSpNZElEftXDEPCqoxiXCea7gOP98qJMSDDf61AXRduNJoDeAlLQZW-bazr8oqZeHXM1XbGlY26u8QCWoZxuc4Z3hXdiwI7jFcfmsq0niJD5LmvxeYyi46jmTSATtkXjRGo08X_IgJlTiRlMSxl_qwsi4JrxO7u6H_764rpgssWe6KOon5lyTq7jOtt15cKXIxbAITOiaYhHICpxN_wNUb_rIrT3ah0Jl4rhbuORY72YIZmLnxwAkwLagfGfjhBI6jCMGI_nJJ2fqs5NMeKAX4niplptQjIK-JKuJsFWxC7jdqLDbWoXQ640a0792P0Vq8ZJuySfAJc2IsWnhPd-cE6l5lVVTkcOWnxKECEaL9jH0qWneFmXjz_G-tAGda0zmOK7zdRPSDiMbGV1NdMUEARsobMkCSEFA3tpjJCLGwZfmNRJlpwkfIK7oSfznxPhyuW1xdB9tyNgXJtM2M0Ksb0X1CQ40TUhHqtFAFTS4fwiWynEQcCpyulxPhyEZ8go3ls7kEly0zOUMyQYibxitdF76B-crTsRSlZjsMK04t4N5VzJNWtgl4QWBwLrIQCZUGewwthVgJNphXrAQwTKN18s-n3Q_0bTsxEo94dOb09XtpwAGOnsi_tKVUluefukS4VziD-5Neg95KyAGjmcNfcuxxTFfDM5TIWvPWS_NRJoO4KapYndGE0229UUB8UNKCR4qlCGADKcCyQVxp9F2jjbSN79Vy-jEyve6DwiSmyMXmH2VAP6JWvuqp7FbKAk_xq-iLiZPiRhZRuT3erHIKwh8ZN17IPH9adaAL86HLxQz8Yz_7ytz5zvdTE8bOoXOnJlHANW2KmcMQlewwHR8yg6TK1XCzjNqKlXHLYqtY6WfOOdMF8JjEW9uOH6U31r9qUwrGznrctFrGiefcMCaG_qGyiF6IZtRqIcQ4zjvDM2gbDEIAHJZDg54dXOS0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E347 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82572
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 4274 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3C26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssAsnwOPCI_ScvxvxtTC1WX_9VCBj1YkR-2A3foKratGYq7hnziYnLvjKaoMRUhejZdiI1GWnpTR2Ymg1P-cQnlsFDWGn_BRUYLvVskWAlVoBmbwNWzX3IHtxXO1aJudcXvcIZ9po_sKgSJbekKiXrCrxrMNZTgVXvrqJd3FswU54hO6bt61-PA07fclF5xRm8az5bGugNTbZMdpTv8ieJDRstvRD1-JARoGQy_udsyaj6pK1yS4iAgqXB1xMAMywA1dKk3caxhEZbqclZM1ifC4QZAnZWUnh9XSx4PHViP3uarhH6-SIjW0IQld2S3FBGiBWsMMcK84XPNJnvub0mK5OKhwOfFjpojtzByaX1Mc5xfkLcwJNbfU97OkJsOX_YiECwMLviCAY9UC1g82hds7JJSPGDkIN0SnyegyMw-JL_jAIlZqwYY3FSXgpUGapH6gfSQhfS7X-ABqO3b8Y4z0ocgxI7j2n5y4xlAH9IzYDEunr3_xk_e9Tnx1DXcdHAzOTctbtiPmXjMF6A3K1SJeSEzvK5-eg2iuQWuDEoOB2kmzw-FZ4mEY4H0P5gzVq2ph1Ua7MZ5kHJfz6wl28dGPvLysaEP8bwDDAmXm7PG88Eww1epESD-96TQ7IFNHL_3d5ivOpNvkn9ubKeMGwkqExNHbBRqvm493IMWEx55dQ6R7nkE2-3woAJT9XKr2m_9XjPifGx4OUJn3NJmDExlnkAr8GJNV4qWCrl49lCVKtlFWKZHZxE8IS5_sHP7PelQ6mYgoX0pgRV4wOnK_IlwkMorCLV6GPmqcQUPTqc-EKZ1M0R4wk6ZV2_Hl_L_rC8ckCC_2BLyI7E7voYi6ss7jqh9z_x3rZQHthstNCiFDttBa2zeo86klO9XA_9fLGq6AdzZadRSbHUv6fm3slIF-5r7dl1KLy66atW_ozSpDIP68nQrSpnYasE_w1Ria-yJV-XBoLRMV4a4aROs36F2TN4sGYZQBL71psCT46CDNo36U5jjBRNStqLd9DjElN62MqKi5Cqmn8TTDi0G3r1up-Z_GC0jr4_qfIQuCFI1QcKYDkoa05G17_SMSkQZQDmLuWsFGz53rLJnf6ZHFL-GE8GAfpE0rfW6ILmJO7oMJ0__Y1tHfg3KWw40ChU9XL-2IjwpkQxHl9WhNx1BttxY0mwPEH30rtQOStAgo6HiTGAZhK31QLbk5S2L575fc0IFJX0NQ7v8JKllKYALQe4xQ-zFvUNmgaAbxo0VzfdxIeAeehZ1YpydmE7WMwgJ69bDoo3rsWT-4pPBGuYyQ6rGqLs36uoMg&sai=AMfl-YSJeaMnRM7RH9i4Le9fKKNvGTQXFsB9N_TSXH7ov0iSF-QFhLXe2eeoqqMB9hyiN54yk8pjgGbIJ2dGDtbvOj7QkKoIu1tA4ROL_xhyOcZFAqK2ZkofJEAzJpFWMvmS1wX1NTis3k7DvAg1bRAXnUsQ_-CgvuE8kgXmu2KE6BSB0xFdtqnQTpDpaj7hHewgE0wirFAv8CkbkfnEMwBj31ezOPnO8rW-Pf75Oo4&sig=Cg0ArKJSzAvQUn2dy-FuEAE&uach_m=[UACH]&pr=8:16C1C9615BD8B7F0&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1494&vt=11&dtpt=422&dett=4&cstd=1060&cisv=r20230815.72996&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:06 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 48D8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 4F87 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 143E 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqNI66ivdZJKIEKazjuwPh-SzqA8AAAAAOAHgBAI&bg=!fX6lfirNAAaiGN5Pghg7ADkAdvg8Wvc3KYB4hBK05hAPR4LcKMf2-E_XZS9deXL1Obx4P9fEUZ10GoRfM8xX1xtUxTLI3uJ97p0CAAAIS1IAAAAHaAEHCgCF0ezW7-iBfxRFRHjE9hEW5G2FB_aRK49pzH4Iu-uSZL0xWAUoHjAZHeuFsnPW0Iiz5PqU5N1I8MnCfGapVTckrz4mriirmQ0FEVaT6is82JiJpoDHvnxd1S14DR6YCXFlxrt82yht0pV13lvQ6ZA2G-JYmjCtpgD30TB2DIGxkOyOaUXZnZkC6QLBtn870KFqcqJNq6UEvTrMuzMj7UzJ1XNexvcgRbYHMhw5-h5osvllI2YeETpOYFdwvmmqaWUyGHD8Mi8O7TBWUuW0kHLjzNBbW0WmK5S6E5wv8n--cMuzYJSbfqeAmsJkbXKqv2R6sjezN0IXSf5MnDbABDbm85QDcL-vIYrCGBDkJFKZYKA5rEnq32LTntd2hISYPRfPOCtu8PRoPxJ1swI5F9rxjnFiOf1mDuiP6o9qx7Ov8vgmnlcfbCVDm5OzRVsFv3kv6EI61l38a4M5qPKbONHqFMiv7qzoYpX7Lx7zYp1FmpIO8gXhwYoytzUO40wmBYUdtm5N8TL9tp5YJWXpi0-5WXvMSaYeP3SwHWTqiPPEDvwz2GALUmjTiGHRk1Rn2-zwbf4B-9lpShHOwRh3C50bHD2u4pgpet4kYtxHxRH56YrQ99ZdZgiKSa8W0O1PxLtgkTthl6oUtsquq2e1Jbr1kn900mIJN2lX7CzeggowfhkkVwKj3QNyZVloW3NDaI3kQ47b8Z4si8PvzLLI9lJ5j2ZpoQQtOWi8om9KPG9dL2PbjIH-CqZCc7IcWnzZyhxxnH7uMosoScIuvZUTBIJWtitv9fQyaqzjohd21CtSj9zk6E-9W24B1Z6l6OJ9NLgPldgm4gwMXDZGxZUrLe60-d4HRyVz92H9VxCl0v_kLTg3sp8QgEMYOs4_DI473auumPFKyUT9IVUhmjYgd7NZSzmy0zvuotM63ts-Wc1Qrvr7-i0SvhtLFALzwiJZnaAYpAhDNK0eIvZwN5VnA74Txi4GKx7Vs3GD-pODNTOfiu5SwrBHjkkQSVn94WnLSmnqhJHbdJB2ucCEldyuM__Stu9lKYQi9QsJAnlrtyO01hDmkR0C6d70DT-9pJRvb_GlcP2st2yljZAt2CT7v8hXOuGAN5uMwlWq91F8512bToPWZaFITq3rADgzK-nBRVahA7PhEt7epJN8hK9a2aUfOMA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C04B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:06 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=f7a09c62-47bc-5393-e913-194b84f75e3e&tv=%7Bc:lurNTy,pingTime:-10,time:921,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216306208%7C%7C1544f08b0c0d996f561b025a5130612e%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C3d9be746c9d087b28bbebd2d060b66f7%7C%7C7b99e036bb6a56e05885ff3191012e85%7C%7C176dc72cf2e5b7d8e44c1e2bfc36a771%7C%7Cb0ce912efa7e752a8f8494441840934b%7C%7C9fb85e4a14de37c2303bb312e24a70c7%7C%7C1663701684,im:%7Bimprf:%7Bttecl:1334,ecd:256,tsecr:377%7D,pci:%7Btdr:807%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 3DC1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 35D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=3463363540501150&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
htlp
futalis.de/ Frame DC10
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=25730000167160104444640012418012&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2997143073
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2997143073
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 20:05:06 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2997143073
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
request_content.php
hal900012.redintelligence.net/ Frame 5015 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
4466ea75bbfffd9b15c641392256eb85063df59eb6772f6079fd000b2756f48e

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2055
Content-Type
text/html; charset=utf-8
Date
Wed, 16 Aug 2023 20:05:06 GMT
Expires
Wed, 16 Aug 2023 21:05:06 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 92B5 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=25730000167160104444640012418012&pv=1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:06 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
inv.gif
img.tradedoubler.com/images/ Frame 92B5
Redirect Chain
  • https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(25730000167160104444640012418012)508545651
  • https://img.tradedoubler.com/images/inv.gif
43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tradedoubler.com/images/inv.gif
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Server
13.224.189.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-31.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 14 Aug 2023 07:18:07 GMT
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA2-C1
Age
218819
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Fri, 19 Nov 2004 15:35:04 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/gif
Accept-Ranges
bytes
X-Amz-Cf-Id
ITjuoWlmd8rqhgNT6zhSrxP35_0qQeEqJUfhSRSCbF-hSM7M6WuILA==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:05 GMT
via
1.1 google
referrer-policy
origin
server
TXServerHttp
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location
https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin
*
content-type
text/html; charset=ISO-8859-1
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
usync.html
eus.rubiconproject.com/ Frame 37E2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:05:06 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 92B5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
523e958110ad1d783f31f4e330325a6657f088a5f548d0e3c2e4b3c07afade1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 37E2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18670
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame E347 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3063 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8808 		831 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
92ccccc842ffeb2141d5014d730eb4b36b698aa695c50deb0b785bec4abe67c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uw9_WIIcC_ZSWK-9B97S7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-Uw9_WIIcC_ZSWK-9B97S7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:06 GMT
expires
Wed, 16 Aug 2023 20:05:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 6D77 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
css
fonts.googleapis.com/ Frame 5015 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Aug 2023 20:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 19:03:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Aug 2023 20:05:06 GMT
/
hal9000.redintelligence.net/scale/ Frame 5015 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/WW-Native-1200x627.jpeg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
285e9f4e69983cba9b57858c01a884e2e71f2282a83be5a4080da5003c0a3b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14249
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5015 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
71f9ca1f6f59279fff3ea1a3c7ef146f3764132c538382a4bad57355506856b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12996
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5015 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
6ab8a4c8b5ded4098d7e91bda10c8bc03dace7d8387f5027b1f608d38a6fd233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:06 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16798
Vary
Accept-Encoding
Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 7538 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-BmMBimzX7xSlhPgVbsPPem75CdA40Hetp9FPffDrrBq9lARKw6F8l3a7mmS_VR0QEKKpmOV7So1W_OFg10DCKN6CeOgXS9kCe7FmzSbzQuxg8xhD&sig=Cg0ArKJSzPyJtMwvyN0-EAE&id=lidar2&mcvt=1080&p=796,353,1046,653&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1246821082&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216299969&rpt=5231&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts.js
cdn.retailads.net/ Frame DC10 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2997143073
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE12 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2574856887859&version=m202307240101&ct=77&x=8&cor=6921150182352372000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0C2C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IZa1rA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame AE12 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjWmwwnlVLSBIWlZsanLCOu52TJYtZLjTRLJtjmZZSVdQnEH4Ms6XNMvK7CJDCxxxoeHywivrO70v7acqMHNLVw13UlQc0SLF3CvVy4jJHmck&sig=Cg0ArKJSzJ1GvpVpxfrTEAE&id=lidar2&mcvt=1071&p=0,0,90,728&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=901424819&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216293543&rpt=11871&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900012.redintelligence.net/ Frame 5015 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=25730000167160104444640012418012&a=5260242b&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=25730000167160104444640012418012&a=68358f44
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:06 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
generate_204
tpc.googlesyndication.com/ Frame 4472 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pbKztg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D7F7 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1640099854534&version=m202307240101&ct=77&x=8&cor=5185918031109850000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D7F7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuS13xzlFoLa43RUHuiiUaEjDlKV7d-dIIhKiqP33VushzGJUQMz-izYaP5H44-TIXM4OYdkRT2l1DyJQBsju2yi3pKtVW4xzVUYdLO2bIt3I8&sig=Cg0ArKJSzDwd8HpJIInnEAE&id=lidar2&mcvt=1088&p=0,0,90,728&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=3319912836&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216295242&rpt=10308&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B317 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Za-_GA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8808 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=1358793954252362&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 937B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstClZpXIe_O1jpu5Jwt4fOEDadd42G8-uR5qQKoXbUDMWSvwIwNje1ssazOSoavxzl3gplW4Yg9SZDSd6qlfDPo12ypD_KLD7T-ZYVWJ0bTUpC37rAynl3wIQIYmIpyJMjJgLI0woHLi_s9oj_uqbWVzsbAIQZ5WbxQ6F1ZTCSS2utFFGHXjgG59aDIqAMo5TQ4bhupsInLi6dfYhEj_Lwv4a9OZb7fOuH1G5rGHAoFmyRsF994mWTRllZ6buhjbElFf9pKHa8hzw3s5FNe_zBtbjaZK2CRz4V4sZIsyzcQF-2I82AZcIaNFEojVohS8WW5n8PFeM_NaksMvMSciYXnLw&sai=AMfl-YRZrRJucHz7I3F3ObZRlkcWWp_n_IcLOkqCLT7nmjyKDqEidSxrncYH6PsW_SFw7YG67yb9EXWcO5D-YAK_4Kw6Sotz18bHflpvepulYQM0dW9cS09gf3Eud2dRrtE&sig=Cg0ArKJSzH67draoHbnPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 937B 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31077111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2ecaa31f8fc9562c1fc9d3a9753f98c2882f83238ad7b3b5ce67df7f8cd3238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11853
x-xss-protection
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=6976d3f8-6ad6-7f31-be4b-1b0a1c2f52f8&tv=%7Bc:lurO2P,pingTime:5,time:9157,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:23%7D,%7Br:r,w:728,h:90,t:1605%7D,%7Bpiv:100,vs:i,r:,t:4066%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5091,o:4066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4061~0,1~100%5D,as:%5B1601~0.0,2461~728.90%5D%7D%7D,%7Bsl:i,t:4066,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5090~100%5D,as:%5B5090~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:681,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C195%7C196%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h.1549653-72464743%7C19i%7C19j%7C1a%7C1b1%7C1b2*.987057-61527017%7C1b21%7C1b22%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b4%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1bb.987057-61527017%7C1bb1%7C1bc%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b2*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sis:2452%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 92B5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssolvu3AZm8CuCH9Aq3P7bKB5RJmRGoOe2SCrHnmbKnQaxcFVej9lqv9dwrYxmerpCXKsOZZHiY4GyiqljY3YQMDun79-pwyCFO_AkPMwFiHpCMSVTu&sig=Cg0ArKJSzKj2g-w4X_f_EAE&id=lidar2&mcvt=1088&p=1110,67,1200,795&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2445953488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216303334&rpt=2315&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 3063 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 48D8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2qfKNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9DE2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugFlHvPEHE-g3tInqWvEsNX9WpfaOJdbfbBP__89SI6vicMl9qOHKTkhWeH2PM-RTdzkrbdAu_LTojhWBfZnAb6YYgXvnCEsP5rTJuvKo2O6vMXXCIFjb0a82lJfDg2AwRJL2i5xB2-Eu3&sai=AMfl-YRsKM-dnKhRNFE1kA9JoJ71dO-yJVWkcEq2X9wdrQRqF4a9op4CCNeFGK54tyW-FAp1H2LAyxo7W7zkIXt1xWW9yCHL9HX2qK8r3ira8WgNp-gD4bV0Xm57lIwu&sig=Cg0ArKJSzJshtOgt4K6QEAE&cid=CAQSPABpAlJWB_6EeCzMb-koDJLCw2m7NRb9s2W-zTycrbNBFmMr9k2qdvjqzmgc7LvAosdm-GQAD13bKqkISBgB&id=lidar2&mcvt=1080&p=796,353,1046,653&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=965386203&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216301938&rpt=3852&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 937B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 20:05:06 GMT
generate_204
tpc.googlesyndication.com/ Frame 4F87 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NkSV1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4274 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOVh17yvdZJSrItKPjuwPz4mFuA4AAAAAOAHgBAI&bg=!0NOl04fNAAaiGN5Pghg7ADkAdvg8WlCbVFtTF6n2h0581k9WEZYi4C5uzqZE6Qbj28sH3D-2pn2p8WcwntvCc9QPnq2fy6_ZLdsCAAACV1IAAAAGaAEHmQL4D31GcwJXIKxEW2A867WfHcVJAj7JSt4ottx3h88cVjbla3au5JyxNX3yFHy7PSx-IjkwGTBy8r0j47oaOu4CJPvXrjx6VlENSWu_dVtPY1e4nzmKotWnn8H7iJ9RZO_GiQKivHFT_qLn_MFt1A_dzc-0xLgnTJUgHS_jK3ejT5OSLDUEwYKG3sDA-d-pLYoHFOuS2EqI60dbnaIpHgv13EvrQHpClK1zpD1Jd_M-PfVdLv__A3PjfdFGI30Yr-4kGYbdc-tGVSoMRvNBGnrx06ZMK4c-gyIjxUWNxo3uVlxmDeoERh682R1lc7LHU1po_DkncW9_LKl-5jY9jyvfUvzu32BtjimbX6SHszX6phlQpYGvlrB4of6cGZct_HIoKKz_0vuGUWmmJsakX38ytc3bKtKTwtCWFrboxIwe1dIGPYJVCPgB1MqPCBdHyhCnN0F4LnBU8DkAKt4mVqR5Kt3tZUEZNFdy3JKxtqrYmiGwdaJKbAp9ySRqpRt1an4IUz88F31mKbBNLc-flEloHnOiZYyiEWc01MXGxYObovJvYWOWMo59wDd4kVzqZ9N_VhpEHtbDX5a2wES-ObCWVaqwa05FkRxAIHLulLy8JFvbluNFwPXaH_MDmNU8qyi2elWT7KnAotfA5dFDN1FMQAJtquJVWxRCWGoLYybee-JWfyitEod5MbELTKODl3rEB_aNywYMWVc8PNpGOZouPLnu2nNV5NHMAXbBbkbzONWLH7c1J5Sj_sn1imnnjZ6tmIT1pgkDC0njxTczRmqPLUGAQD0kGx-x539k6hhQ8uUSN6SYo4B2HijNmP6fwEqc-npm1rp0oTN-jwhtgomSp5r_LBsp739kE9BbNbVvGMjU92KFC3Olwagtio5xMQrp2L20mNbBLyBJSe9LqceGVsb_n2h4Y-h2Ks3qcPps8zF6vSS0b9lrbVb7ewSHTI3DN_GK0JBbEW42lF33fPPOIgIrQK22p7kLE9lesSGJujQHuJjOfqO3Lg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6D77 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4l2F5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 322A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 18:59:17 GMT
expires
Thu, 15 Aug 2024 18:59:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ABB5 		831 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7337c1c3b2ad7926f08acf4ec6cd9a1f11c717d508a212b982e144acd08199a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vJ3N_hHfEm1XUmW_3YBiyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-vJ3N_hHfEm1XUmW_3YBiyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:07 GMT
expires
Wed, 16 Aug 2023 20:05:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame C04B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiRR9VaGowltIoE5Ki7xeGrBuojZkfRW_XQ8QqeH5SzFhE6fcA7uwsQzTUnLFyEiDtuRWtFn2vbazAmT3cNBVNn0XCrlOC3kZKj775n2JCPoe6LNwP&sig=Cg0ArKJSzK4_SveeNZxHEAE&id=lidar2&mcvt=1049&p=796,353,1046,653&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=495745907&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216301434&rpt=4606&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C26 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4328282484237&version=m202307240101&ct=76&x=8&cor=15813164158791600000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=24c0530a-3aa6-404c-6755-872af1c21117&tv=%7Bc:lurO9K,pingTime:5,time:7621,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:21%7D,%7Br:r,w:728,h:90,t:346%7D,%7Bpiv:100,vs:i,r:,t:2567%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5054,o:2567,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2562~0,1~100%5D,as:%5B341~0.0,2222~728.90%5D%7D%7D,%7Bsl:i,t:2567,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5053~100%5D,as:%5B5053~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:646,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h.1549653-72464743%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3*.987057-61527017%7C1b31%7C1b32%7C1b41%7C1b5%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b3*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sis:1612%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=318492c9-d150-05ca-e530-6649e0e075f2&tv=%7Bc:lurO9L,pingTime:5,time:7572,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:26%7D,%7Br:r,w:728,h:90,t:304%7D,%7Bpiv:100,vs:i,r:,t:2519%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5053,o:2519,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:25,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2512~0,1~100%5D,as:%5B297~0.0,2216~728.90%5D%7D%7D,%7Bsl:i,t:2519,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5052~100%5D,as:%5B5052~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:644,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C1931%7C194%7C195%7C1961%7C197%7C198%7C199%7C19a%7C19b1%7C19c%7C19d%7C19e%7C19f%7C19g%7C19h.1549653-72464743%7C19i%7C19j%7C1a%7C1b1%7C1b2.987057-61527017%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b31%7C1b32%7C1b33%7C1b41%7C1b5%7C1b6*.987057-61527017%7C1b61%7C1b62%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b91%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1bb.987057-61527017%7C1bb1%7C1bb2%7C1bc1%7C1bd1%7C1be1%7C1bf%7C1bg%7C1bh%7C1bi%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1b6*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:2237%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame E347 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuA3v8CvdZMzMFqqRjuwP2ruE4AMAAAAAOAHgBAI&bg=!qaqlqv7NAAaiGN5Pghg7ADkAdvg8WsiX3n9cIZuWD_0q9h2GkpRbspNeugLi9j6kPCRzg5B9Pdi17PaOFcNMCRFOfr6W8OtdgfsCAAAB9FIAAAAHaAEHmQMshp-TRn5gvHwWBJBYZWxaQ701bZN4lbyzHa6BnRe8vLX5eo2_CBvO195KLyxboHh5H1DpwrGcNx-BmBZySEGrhgi_HY-Xv4ndLubdgdPc-vGT4OHV4_OQB7Q00nwnqRnbGocKutiubjZ44tN8fC-KQdwC3h8hzEPfnIfmTJgxzhloTKhrK8IkpC_WEmJ5rG0FZjwMxHHZtwltdT2vh83ypqZE4xq_8QMPUA_wDR4exPEKafJI4-XuGEPBzMewYKmeIOYhHUqvio1Adjh5bbACRfau_vzzFLc5c-xs8f_4JuAe8Frcbx2T0s0CMNgtSuUv8KPN5H0-fLHkLcQxMHqOF9a6rFn_yJgDJ-alxkBiA4ibH9zqWnyPCbbF_T_eFWo2q_5ZbDHBHG00KgFXzqXfiKHhju2wzt_MjmtMYloaKSiwRp1ZyXejF71wvFjwUDVPTdEqOcgWQyTKYvS-oa8fpJbsizV3sXNMCd7a0SXF0KEn-U6iLN3anoMXwTT5kGr3XKbwDT4-THD7hWJxF6rgRfm1C-mw40s55XZqZDIYyelfBpHrhoMEu9kbFgxO7n5j3B2ZWBkjVtAgOVexRfM2bK2fwfcgOF8_Kb7v5xtck2sTwNljzGnmjRi4fFWcKch6Pt5EwxpvtJGlZN1aLx6PN9xyxlkWdr_z-ibaLTPTsVZ5T6j9uBCUER-KGJJj1UdY1t4brMq1ZO8QHRzOBMuIkb_D5Tj27VXhSKFNXt3_9mUd2pjjBikRR43JaHoSbSD4_FwwvXbPUn2lqf4Ss5UF3euTsZF7fu6PUJne8BZ9OcwocuiFNW2FyU1UU33gdLHji5NpTyyaczYqMqEUVzLtQWs_HaL2hb8CtZIsXhfoFHuSTCmvBy5wlfG3CQ2MGW8ah8LVRNTIHSoPVWu0f_Q--lR1aNPNN_cnRDU9B9YVV8FU_BzkhSATgbMvUAUeIA2Jxw9kbKRWG-T920Ug7DgwdKOGRAWCbYs5tY8nDZ6vCfVlRHQl2YibzotxNP8VdaFwhJP8aLaHD1t-F__H5VlG7f7OsXYVYM5NvCgbK4ex5kSmv_ZSCGMJE2lvmI4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DC1 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGGGO8SvdZOb9A5CF1PIPhv6_8AwAAAAAOAHgBAI&bg=!cXKlcibNAAaiGN5Pghg7ADkAdvg8WspiFO6TAyl7Awu-nsHxrv9z_-nV9p2uriKdu0xpAztM9iaB51DyewvHPAi9wrDe14Ck7LgCAAACnVIAAAAHaAEHCgBB74lS0KPRcr61fSyn-OAB6I4Ihq_QcI59fANOmA05lQIH8VirfTxVxcd2e_rj0O8Oq8VjvI-dF31lhkdasaVe7ImZAv84KEqeGQq_C_VNW9FSE1utvQrbjeSLGBN-1cWmEcMVO8md1legZ43VfLOvn-VGfgIPBh0kWiWJp5_cWutR-401aSqXn5OVWWlOlrwSJLLc6sTrQ-zIr99UWHww0vRVa0hCCvOZ18V0La2Sl2LaMIklsJt4eJMrDmcPTujSh0R0b1UB-LJ3krIUljcLfAtv4FRFRqjLLrtyjqOgL2Csbxa8pLIGw_7E7xMKHMBGBc1OKvLZ8DJ2OFDB7xACWfuIKKJE6LQbaPwQzVjVC_jNX5k35Jo-G1yU9ENjJl3e6iLfwa2KnZ03DooFZMkjRIm-NNcIME0a9JWiuB_xjgmKpOQ2UkCLiPsPhluJrRWqF33wWf4DGeWTAgI67MxENt_J1RIlzjFOYk3SP560MtajQQjcKuSwijhLdlazpRwcFbJn0mwYCqIDEtzv6z83Aj0LqZIkrQTiQcXgkxii0gDJYAZEnzkQq-KZMvDBETBIEgDr8rzJUAjJyKaAFlCXbnSHhft4ngt-tiXe-T4b39FWZojEIPg4kiAF8cog6qSyDnS9-Pl1607XFLCZuxBzkGB8pkbBfH7H9y74Pr969GMEW2gwwCTk0Z5nTzoNwpwHpYbOA0YCigto2zivqy2OLKDfSjBXF6uUjNG8H58dhKYM1YxpfDP6CIhnq5wywV_lqbHr4pSJ5cYmxkG2OmI6WUUajXe29pAkILEdij0kwQkMAGb5yR3L5SUfE14ml3upnGRzBO-qLS_ZlYBzJiO8PLbIJFBLBac0SVjx_5EQDuCRLVrlplU2JYsWs9-vsYX24AuAyxXnPF6iGRkUKrZnQf2GLJ_eWi4Eil8W0qwJg0BpEKC0iRwF7ltj2srIdPWSIA4HTJ15IxFG-NciYgMj47uiiLlWbGyGOveu2FtyMyQFtNXDaJWIVY7HocrNcIVczc5fQ_W4gMbQDVWtY9JBpAWbJ6vhzLHObQ4zuV8XUULQJomKDMR9qE9fQt1blA6Yf5lzO1QLORb9QpJVhrXxItTgnA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ABB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230810&jk=368999286145811&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 322A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 3063 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6c3b1g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DE2 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=781524724498&version=m202307240101&ct=76&x=1&cor=1777022829310268200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 16 Aug 2023 20:05:07 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame C34C 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame C34C 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-1%22%2C%22callback_id%22%3A%221911fdf8020f701f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90b_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216307355&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&pubcid=4953a91a-1066-4482-83a5-44ad63a84979&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.193.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-193-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame C34C 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:05:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame C34C 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2219507a696a25cbba%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=f91fe21c-9b78-46d8-b28e-fa785c8d22d3&pv=a93d62d7-9ff0-4f0e-b0a8-ab631330d112&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%224953a91a-1066-4482-83a5-44ad63a84979%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.9 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
0d390acd69ced714ce367e63a9cf88ed6437ed8c376e17513c45064b9a3774c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-208
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
443
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame C34C 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Wed, 16 Aug 2023 20:05:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
193
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame C34C 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2c3822989f5f75bcde0e6604b6d55c029607577370ccf7fb8b9ce2d01ca6f19c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Aug 2023 20:05:07 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C34C 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&eid_pubcid.org=4953a91a-1066-4482-83a5-44ad63a84979%5E1&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=2019375dff74ed23&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.16423395590689926
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e2499bef2e6a40d3daa7583bff5c2aba8bd9605caa06546db04cf0b527301a0b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame C34C 		38 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f3abc19abdcb1f85214214aa1c11d6bc3ee89f9879fde701736507fe71003a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxn5roAcNoAg77V7%2FlAqtBwRtf7T%2F%2Fp%2FOpFpU7TYK5zRGAO6SW5ZI%2FPRvQbiwCYopxoKe3zMUhkM3F78Yrwn27HJ25XAjj9srpUUntymHm9d442NQND%2FYgAHK7KtE7V9sIXYPytm"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f7c4a50fdb037d7-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
728x90_fitbux_v4.jpg
saambaa-static.azureedge.net/direct/ Frame C34C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/direct/728x90_fitbux_v4.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEB) /
Resource Hash
b7063e5c0ea56abf52c2964d30d3ba321220085106fae67046d59dc668687e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 16 Aug 2023 20:05:07 GMT
last-modified
Thu, 10 Aug 2023 20:44:07 GMT
server
ECAcc (frc/4CEB)
content-md5
OILZK6yWAIC4HWPLJHRy1A==
age
507058
etag
0x8DB99E28AED50B8
x-cache
HIT
content-type
image/jpeg
x-ms-request-id
8cb0f25c-101e-0094-08e0-cb8dcc000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
21630
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=2669857178375524&bg=!qqmlqf3NAAaiGN5Pghg7ADkAdvg8WumE2xSxHsHSutXeUZrYYEcOW0KJsuUxsF2q6usjU-qyBmydJeJRE98u2GqVU9mbpjBGx7cCAAACXlIAAAAFaAEHmQL6Hh3mPlIB-IVEPcdBc2Y1kRbvu_vdYq6-OPh1-_94C2KLCnPvtDnQIPbSmajtRAPowuL6s9dTKUC68Dv0ork6jouKuGntg1kBb1NqzAmYNd9nV7esK0KX037m0Ctebd5B_PgnUXsrtzH9pQtyr5KmGPO6zwwblqmS0YCd5YOoZm223SYBzL5i-bLp9Tygbu-rFQlBk8nq_s9ij82riUYwQt1SCQMYGvkwjhM1g5ITnELjs0bApQT9ymYQ2FZsoFWuKpzJQP9afFXcVZJ50RafAwKEedIpBo2zuna_gnOndIG8cSuN2JoaCZmRmjKd5RdCT1OjpCVE1jfl1_Wy5kZxo9a2rAua36dLCJBeplblIQb85MayDSAq0Zzaj4zWrJLheiFsx6jLrHp6ZSCj8SHnNbERxRmPSo4DRfV54c8LlPKEkIb1NliRR9h7QuyvFsy6ZTY8t4HQj2QQ6B3ldEIC7WT7D3VwFnVXshG3ODINxg7vrkQwWFFhqPHoqMTajZ2NKc6LBxACWHUiuAAfQkCkTjqiJMnCQX2-o1Lir4Hp14VKtYJylftWzDGcGjPzIgw_3WX7FcVUjKTLSjnqsAys9nMafiDH9poZ5fYoXXr0wl0n92xeqU8sOMue2gP0GCO5KEryOu4wl2O0KPUQnk91dbhnJe-r_2F3Un1dMefLTVweh2VSogjAj3GTaprevsPMwz-TUV-heTBlHcq1rSIcwcN3oO3RSnmgPNW4ngcHlWfd_JgxbFEyH5mc9dbbBwDbc_I-B6kgvUJisd9PSqLy139C2alf_UgGjryFlb1gFy9o4bOKNPEdDBGLENPwEEY-eOn5BNFW2Wc_LKSwx3FeXHHe5j4fJSxkfa2_Re0GeG2YB7grImfHNeOUl63KsJo8WBP9DxjLGl7ckpoVjN4M8lQqyNiroeEfo8Urmzv6rdvLTuOwJcdTNupDzvSzNBQ2Tlmz2Txi_Iz4DceoC3pYxr3iihG7e5kOTErA0cX7I2-bMCSWVv5S-49_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5C1B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=895952461367659&bg=!5uWl5bHNAAaiGN5Pghg7ADkAdvg8Wkx2_8RatJ49DKBm_GTFLkeLMIoUchWECht2jDcrNnO6ClJo_JR003PTKDpvu5qvpRJb4wkCAAACZVIAAAAFaAEHCgBB_WoOTq8UD5aP43W5MFKBzv7FFVvu5G7k2AQ-yYbmGrHSrvxugIez1_NfDBYZruCX-eMdsJZaHpOm_gB5nXr4l0-ZAuiZ4paIv34pPAf7PVaHXrIVdbb5-S5AIbyA9a78oKaYcxevtx1LDtLVIyrAAN9dC5zdgS3G196zRlSGqkDmh7aP7nmtQ20zLWtcppxsMSWLqJoPZ6Hh-WXMG0teq_EteoY6B2fsNj9WTEFHRs2N4yehJ4mFM7IJB8hfAvwwsBVm4TIXulGNCEsiksnYfP0dPKcPUUr8kyv8I0Q4c8K6SbJu3tFWw1OHUEr4vXWjkJhhw_357Ije_d5HryOSv3R6TbW_mtwEhwv-mOta-Ih7-G90mXtZqJn7yNDWtNCEzvQzoCzk15Q1FzO_SC0riOFkgoyhBrPccq07SkvBv61mWcP17l-WRVyM3vu-P6tuVYO1UvcUzUfsyX5i0mJ5Z6MlWXu6BMOVr3A4sikdb9xOXkNryZ2MIpgZpaxSh5J_GsX5xbIQThcfmYhneYpnoJGPvBAjxPf2mwrl4lkKCMd0JGL9R0-oBRh5u8ZbiiTWsPveZDLh7Xg3bbTv0NOyGaaBCmlYuxpCtVuRUdfzKoWXpcOy_b0_WnBl3CNcT34t6AXKxwUxFyLi9b3cHPNQlqX_Xb5OUDlWEM5C_4Hu_TbApZ5GOsH-x2pdcvWrAHHkVJd3on1Jolr9XMSe9lAjCTxfo7aP_dTNSCPF3YlMTl1yoi-c8TLtrsRoeDerlrVBhiY8ne6eRdJWXMezs482jOUQuVKe5Gu7J4RHlcSKXdDBOXbjpkS01fK4Pwds-aFqTUd5ewnGNY7s5poRdNAa5mrPjVY_j20WOn1Fi2vnjsMW6M2FO8qVMGu49gUZqIH8xPl7d9DiCooDJZexrxROvD-y5ONys3WR_QJDaywuSqBCC5xiTqj8jnXDT1M1y6r8mLZnOSptif6DFAt69bfnuwya_7DfFMvpz6yueaFwLaaRjFNK0n3JHD2dfOMF-yoyhdFXCFygYD29TEWXQzXFT-s82yL7CtmAWevNEq1K42huDp4AU2G1N0-Pnss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FB3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=1969310275089779&bg=!KimlKX3NAAaiGN5Pghg7ADkAdvg8Wmj2uHfidJsoT2KPiO65PWmQkfzFkgC0Th5b81DUVVINeBWpzVbfiuvZ2u_IHLpCgS7H9KICAAACmFIAAAAHaAEHCgBsvxkiHSJQC4_DhK7lLXH2r11HlDvQHmBWjJbETWTIpSLYGVijwzY2_jiXcPGhWTkBL2HGVEWYBhfoXqG1OWhOT2TBAfQ52jSTYqhEnKoghXP0TkESSZhHKJUSxPZHXt8Zg245yAuWaUvPLoWDmQL0YTexeMVAaRfyU3HzfxEY5Ie2VYJqnJZ103lFFZLfTQCsT-FlkWO2OAOrk6EwZd6TTW01R_5JTdm_QlZdFIj5eZb4iAXWpohfZwgdyvF_Rp7finOuyjWToG_P2TYI-5fSOB1SoCzcOvPdhkA1qerOsZMx8oCyMhpzlKE0GFdI9Cq9r4wF_PQpk_AyNwRrcov_EAk_gYGbVuHDc9m06rMRmuVYarbY0S4DcXjEEc88acJpM7ANCkSAsiBj51Pyoqq9ETefwfSq6Y6HRpeM31hmyZjyM-ZRvbJStWCTewOMXBLOC58KxsRzaI04OS8uP_OeZBA3po2IxwsnTdO_9JYGaauD-dUdHx6UH-tzMmCbJCobGmRmXb2rG10NJp-pK_vUTwxYg3yRnAjlDS5pGA-dHjzgQ0BnD-JP0OutCI-fHF3FNBmOIqX6QnHSBC18ZNh7dEMQfAr3HFsflX6IIrNopkQvy9l3CYtmS-ivU063lR8qzCHnroAdsUqTlUYc_J397bFlVf-s4SzXEyfT-5qAdsJhLROTkI1AvRuSDpDYrH0-zVDC1bSKX8RiP4L5NdAcZneVVsTszSveNzDKVBruZkoLX1cjyfrNS_EZycBMezi_KgQr_Kj5OwZa1pPzoq8JpJ4Bh5cq_OmB2Ipsys9sgcEGW9xDaVRhpGDZ3Gr9ecp7cDd4Q0eyxWBof-0VVuAn7eJYteRVWjtqPRHRkaU4HcOtAGqTXKXh2Zj3epza6xkR65KfiaGp5l7-KmvcD-ctlKwF9vB59I_8sH9ufbZVDE6jWgTFrGDK56_kSSCoqeEsnaofGYeMGAbBXdCTJFFhjIvepVWsXRUTjHb6tMSbB6HlvWrWa6v9MaXGt1TApZfvv2c6HYESB2HVv2EmxU-DsuVnjYBmx8TZaBJ1_Qd7iM9WvMQbJeQnHDLjFbgFwW3srdIx_Wll216J_ENxdYB9gsRYzMSll49EVTmTJ6RGUI5esXZA3Lq_tNR98ALixGzcgGIB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 322A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zlj3xA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3AAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=2736541321062988&bg=!0dKl0obNAAaiGN5Pghg7ADkAdvg8WvxUxUyVxpByXuP11On8A5ujmvh9LTTWuzRzaocErM-99C2TRxcScuYkwUxoIiNmEDKVgXkCAAAChFIAAAAGaAEHmQL0gh8cGaN79YZ4heeDYyruy5P2GWnlty5nPQ9_ziAhm7R7KdmP6Kht-M4oGZK-IG6YPSxwovi9mW82DfU5-8Yr_GdodEV7KjW2xZfJ9zrwlBf-ZHZ2JCZGtL-o7qgfgVyStofD_evv0_9bd0m5kUQhJ1TGYGUJY7fL2EhM8HjWfxknROr_D95EspnVZp7M_66HCYUkKcjDUxRcvuSu9Sg39aBNMPr32QpDNM6awEHtGCEjB0OCC0rCHO5I3txzYN0kmNEOM39TpNbp1fXbrCOfpZulUryphlUnaRJ0INhpnDBeRDgA6yxaSY9kwZZVDKUCgkMq-MVnAdd7ORfefotbzo4qXj6RXms3OZpkuNqNIN8LidvIz89qAKw9RO-lqBxPl7JsvuMb2jUb3OxqUiAtIpG1p6UcuHEhaSXMTv2fqV425Zn9uf1HJtUMLmFSL1Oa3wfIxYHUrSdagneqyAz-4xLOoLKSYOFhAYBWcVnaYfLY05RxNpzOLL4Nv89fc4OXSfC_OD004XvlRAt0o1-_yKtwXWkq_epRHA7p6zGrdtfsZO3cPGuI-Pv_LqJngD6a9XwVfJYsZED0GIDym0FrWHwmxyU8VrHbzlUexrSFOnzoYAiqO6TZa7m_Zz_mGSjKvd54pJ6AGAfyRG7nxF4bYunbSlTAINRTjHs_RHC7dHk9xaLdUL62RMI8b6P0xizI4qvEOS_fDQJWr9T-Hd0riUZ_fk1Bgg7nhQCXZxdDxGnctczKAqoDlL_i5myEizOw6ntTCes1HbP6vi3D9OgUotcVD-gkJU-N9IJKy5zTektvB1NT21dAMYP-MZIs_4BG6mcFsut1g2LEKcb2g1xzKDxZThcWOAZ7pFfzGvUJf6a21dQW3Yr6qJTFUlAlKhpBMdA9qYRu56NxRsLkXeCqpUm-BWCWKBiO25smSXyyRd0MAzUmfX31EZOyQWRrPQ3mb24HZ6O-pi9JFW2LcHKpeP0AHC7R0Xcc3au9LpeBs0zv9x03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9601 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=1131171187450178&bg=!kZKlksbNAAaiGN5Pghg7ADkAdvg8WqA7D9S1IoRTbQxa3pL-iLqbrp2H5g23CZJhXtv1vIbwO6z2oJ9_AiTTajl_oSltr715uIECAAACwlIAAAAIaAEHCgAeS5BUF4M-WOhZmxzNzAPyaOFoWafQ_mmIJXZaY8wemQLyY0735Y0bBW1lQXXv-9GIAz6Hu67Bd4NHHquYEGUPvpxs_uVfPXMS9ft1EfszP1OC3FMfL5oxwJkP5JRzHbSDsa5YisGEdwXKr7o17Tgo4-I7mdXNXecyaCwUIc1qTd-9u7-pxPkJtkz92CJmkocbYwR21iZ23P4sAemqQTa7Bz_u26TcJz-R4tTFsaQxLkBui2pNdhlpb0PJ93ukB6WaZZvndiwPml1avho26YkcqF6ohsD0IO_dtPPeOoKCJjnd0F2Dp5hTOOQLfD0LuUf-EKvApipK3My4RXf6u0dJ7WlO5LJE1-M67J4gENIGr2HrqHJQDB4ohTc390JsnYtOPmM9xmS_g7JKwStkGWgWyBhguddqM3f62TH7Q0TI3NIlbgcgQrcKPxFnc-TlFy8_WtDpO1wa5DTJzSAd3qqwuulOQDUMRWsoz-KJBv3mlIxjrfDgCJ0pAI7PLZW04IuP7w32Pq6oF4IOzF1_vj5xhf_3w5_-rtsMct_MqdPhdiC94tx2-mZ3B7xZPJ9yHPg2eFpTkna-yDKUa6ecDStHwRXHEP6gved8L2pfaDtghsrqi5lXm5_JYMeEp10lDk7gTgA-55dgZLv-jqH5-wh-t9WUiob4p7OsXoj0_Qbu0OLgvTr4x6KdrO2qgTUlfLrC9S47a98lhvCUW2Tfy8pVvuxzmKW98fdjQhHmvkAXg_poyBKO9RRdcCYSBQsPFVjtV5bKlDW9Z9oF-fGNTwO0KzsBMlHPWT_E3h7WexCFgNad0XCH5YbVNszREgCqAZKGfEdc-PkMp0ZMMYWISp0snyAnj8EZQ0t_PVEdA5_x2ylomDcbdmL-b-D2vWEmpTYnWubnCv5B0v5zWR2FexjA3IssgQSbOY4VRd1gGCPPZvYkQcPZDP_eQTWhf_b35F0O_bqiD2UD6_Rx8UzxOFkIIzgM0KTKmpmDpUj3PKEMeQKHOar9-bmQpaXCa66PxA04duxzNidd8Ts5Qd3kbH0fC9k1LA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ Frame C34C 		27 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3436190074934159&correlator=1334860488951157&eid=31076769&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D989312272d138a19-223fcc4a51de00bd%3AT%3D1692216289%3ART%3D1692216297%3AS%3DALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA&gpic=UID%3D00000c61e99faed4%3AT%3D1692216289%3ART%3D1692216289%3AS%3DALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA&abxe=1&dt=1692216307657&lmt=1692209107&adxs=67&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=1hc55vk4d8i9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x90&fws=384&ohw=0&ea=0&psts=AOrYGslvgyXu_RoCUNuwkeEVNJp809JecMoNBLCSjyTWe3Eeun6N82bqNv5372f3SJbuWe5DN0kuJ5T5uAWVIJyyJlOfKLe6EZ8ARWE%2CAOrYGsld1JjDTOK2HKQL1wnotuVNFIJSxvKBij91ds2_lRHbgQ_vOLvL43EeumKRCfWoQ4IgVg8-uKtI8fhnUqcSt4HCpRHb428EE-Y%2CAOrYGskfn6fII3u5wlLIjvQj7r2ljw-fAjI9he2ka5zzGo8BEstGmCHMM0OY8dOpVd-dN41wC38LHS2YUKl7kMW7-TD3l-Lp1mbSoAE%2CAOrYGsnEOlSOmKvSxuEqJkjwntuuhPh7FAltRQ968fab9v63WvU0ICpqLg3Ysv9wDvWgR09X6JGktVZwP2vlHDvm8rZKutLF_54WF2c%2CAOrYGsnN9jMwn435SUR705HA-JJWETYHAH02yEL-2Nr6F1hIL5xHijsApxw1SZqUQl5uQZa_0oFrW2XvuSVgZrnXiX2J2oCM9qSeTck%2CAOrYGslmZrtspbpZyqVD7zWsiNUFwXReUOYyg9IdkrYNbJaagKxjo3fxgKqxJRIo1qj3A1CZNzgX0btbewC19mx2HDI05fyich4gn9I%2CAOrYGslCiWBe5wG8O1rC_oEBUWjfjinSKSqZ-LHxoOGgw-p3mYjyheL7GicJqMIg30dM7Sj6RfLJj8kXW_LqEfgUChxOS-iVgPgTH_Q%2CAOrYGskIRYEjGLBdwutEJOeMLGkX-USL7ywC3GluRbrSBF1klz3RQrMSwcaxMyDu5SP27zsY9d4EtAHoOjAltBv5_FjfMXx1V8uAris%2CAOrYGslVQm6SZH7O46Emc44Oo_6E8z4c1Jh2uYwcbUNLWw4LyTQeF_lFY5SfDD30gsGJP9o175pcrZf7XWTvHmSQBTYnFnFk&ga_vid=1474646508.1692216291&ga_sid=1692216292&ga_hid=2127888679&ga_fc=false&ga_cid=1630745151.1692216289&dlt=1692216290045&idt=772&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.13%26hb_adid_rubicon%3D2050bcdc111a1d0a%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.13%26hb_adid%3D2050bcdc111a1d0a%26hb_bidder%3Drubicon&cust_params=domain%3Didrlabs.com&adks=2587397766
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5138a31e6d0790959a6fffd61754006e06d514183b3e14f3dfb697088a31a863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11651
x-xss-protection
0
google-lineitem-id
6152678337
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693519
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7538 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=3463363540501150&bg=!EBOlE0fNAAaiGN5Pghg7ADkAdvg8WqGS1W-p1CtMiuM-9VOvKAv6twIrySkNxmhXxXDuqbFWR7xVUVa4TKw3s-yQzfnR8e7W-zACAAACSFIAAAANaAEHCgAywsJq8aRVTeGdX1bwqB2gzTjBynuqfmQjZPXAnBIXWeae-7WiUnOAsNfiRNoyJooeVRGZAv359D98VavXET-gtEZOViyq_f_jeNQOS9_MrRc0mJ9DiFOLVQOHK83BjbN7GZfXwJh3YKMCSa27X3hbKzk0zPFd4dkvXAakOzxwJ0-Lr_W_eXGd9lNDz9FAzg204uScPQeJKXsFmPYUidExBVpeCSaXYiT_I2C5BAZGQf1rouKyyS6ba30GaSp1iQiS73BDyk3PKEKGMnPS0_aBL965VOH6V9JHFMIv73QSpI1A4g1-wQaMykFpRTENnflF8oqNIG4JrlceDvt1B4AT_Sp19i5OPeYpSMDdvgtJaRx6HoBg5mbsRuH2HNJZdN_FsNTOEL17bDvMdJ8PccK9SuBTEvNIexRDmCJh1K6q6hyH27aV3915rVoLU5TgNLZR9VzCauj1C91qBrxGZ3mRP0UpIQQz_jlLGCdpNRtiiQU1VltgDIn1KDlDVDUaGjLzYNurVuDFNnaQLwNuva60t-Ks2AavZQ4pe9J6ZnExf-hEOLhWYjicbAMJm4f33ium3bMC4ePhW6fHyRhWFq_Fh26VT1VXReRyFLf-NDSy4p5Mt36zAfzED6xwzIvErXbBULiP1ILA7vDDhTqWMpOeH6RbrVR9x6ezaxccZ8ZLNY8u9SHIOlcdxyxh7LM2ihw-tSEHjSy_9PgKK9i8G5vZIvcBD-vcDXeJr10AJFL53-_pDe8HqhEfY75NMs7NXetVO_TzWWM5RFtWYSswzRdNErGHOb93iRwaobUKvnvSJ9CYdbgIgicoC3tLvmpXgSVWLNR5UjZmdbyYN7lAtJ8uA5AzIu8_cXHKIzB2yiM6MqZmvGs8AI6raMs05y9V084sEn7MO3ElYQWrCjaS9Og44rOLJQsB904ZCVIoTBuQTuBEqzsKZFbxMD1HUle8J86L_eTnneMGbJPYEWNW_pa4LFDc1oEcefJZSAQyuVc-rQpriO8SpF_BDn6YNWTXLjaZtzj2JSbmLvO1ijFnbKnNftrSY8GzSDpD4E1tMRxqxx15txaYTgGlnTrBTdR20J8kwrI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame E374 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
activeview
pagead2.googlesyndication.com/pcs/ Frame 937B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4WcUxLFi8hgnK1dTsgGFyFec2FHuxJHX8O8QAWoEIAvD49gd3yYahAGcpx6VCaprXTvBSlik5GnCtvwj4tWvzkpl8eLoR9dOYRugK8dVq6SkhbRw1&sig=Cg0ArKJSzLL-fqkw_WGsEAE&id=lidar2&mcvt=1000&p=796,353,1046,653&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3215044782&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216303006&rpt=3741&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C04B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=1358793954252362&bg=!rK-lr_vNAAaiGN5Pghg7ADkAdvg8Wlm7_hV4-X-wR_BxFads53cWBizxnepy0p2wVtxhv9vhhMAd6HGsOW5DgwL1UUYcJhmwXmcCAAABIlIAAAAJaAEHCgASPckswNoB4laYQ3u7L54gXJjTmQLt7H5xcOavGvu-X8rcliJR_iyU80tqn9JWCpqsI6WT3myT_zOXB825kS5yBbQmCl_4kZJ2idsn2M_56aEq_x9w9rN7cLj2zKHot8sG0-ag3rwLCamD5qoN8pgpTbKH8N5C7wkV6EakwAY6wBHwqKQjSbxEG5soGHdoeLyLSKyuyTgWO1ZLPBRDjCfPzxVxAA7kj6ssFH95PBixX9c49zybHN-pHtFfVprzWJxQwTUsquXbi7akkpo_vkoOfkDiS33Wl_eFyFXwWfwCWu1Ic2gE5HOA106kQ_AVHKRhAtdBZg7SXb2cDYPGP51ccfEa_Fdbx2yrJuuxzuu2MH3p225V7QeWUXLMZUS0mCNG-_FVqaLgrQ4trjSZ3hgSYPbVlIlPrCIzbITbZ2X6SVn0zGVL5NwOOPawaHtTfh5yjmklqDeUgxXN0yhEVdE6R4WSggG63W1Say1irtJoyuKUln4qU157thZdcaBBfh55SJPn7zJzJ5ovsAXYiLyDGc4FoTLWBki-PDy7Vp1GTr1XDWHUdLtPMqvNtVqI-6N0ThZQTI5b2D5N0ZyzlagXbuBLcYSPCwZFfm_hteMyNzqCvXajpptOlWqrUc_ss6CVjWOik0SrqxDOUop3dkizAPasgrvs0awAMqogrjMPete2N5VCW5ShMxpcdBOxviKa3MTnzzC1xicRiNCSnP6OF2CsG9tjr0HKVSsDlln3izmg2dftwezUfOQDANYJZZLDcmvpj06mWlT5asKxPF2Z4ptz-n7H1Zg5spIgaGbG7pdWTrXYYtTB7k160LkPx7DIWvTit-a2LgaiiNLQ2eaZD5Xc-TM_AXDRMR-f9sJgiSk5MgpchvnuPzJVSC3m-cTWdn3Ss1z8eSIMAH8K9lG3-IV2kbb5n9UHbLyI_77CUR73gkgJaD2ARh7sdiYsXjXHVzRE8L8mCQhYNs2TaTqEYYCi6ezjsCCEA7is4Ou0SQC5LUvqxsPd7Kx6fWup_RANKzM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92B5 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7233719029275&version=m202307240101&ct=77&x=8&cor=11348932008894680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A07D 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A07D 		0
0
b-ee4b1d5-71f746a5.js
tagan.adlightning.com/saambaa-bloggernetwork/ Frame E84B 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-22.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 06:29:32 GMT
content-encoding
gzip
via
1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-version-id
AKaOJLyu_NszbMF4wSyvC4WSL5bL6WUa
x-amz-cf-pop
PRG50-C1
age
2468137
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30993
x-amz-meta-git_commit
ee4b1d5
last-modified
Fri, 23 Jun 2023 17:20:17 GMT
server
AmazonS3
etag
"8b5a875f8af535ce8d8c74304a7353b1"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3bY3wDfjQov1Lvwf2C6YRl1TpOV1d_zlSxwQs9a_n6WdZhk4S3EfFA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E84B 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57610
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692013115309786"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 937B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230810&jk=368999286145811&bg=!Hh2lHUnNAAaiGN5Pghg7ADkAdvg8Wsn3fDF8p9RaNHaVMtr7h1rps7w86n27bR7fR1_LUOZYVEyfBiaQ_TBGIgtijOUw6x5sLGgCAAAAylIAAAAHaAEHmQLwyLm3vxRG2vtz2iSLy66mO8juS2AXbbNcvnnLFsQKd_CfoeGzZaxr-BH7uiOR1_M_oKCR10oucZu8cwVJmtIydR7c4QXi-BHYlPIDIOjl208h2ALLZQSjYHM8F_phqCExRmP3ZwWRH3pwdLFCNZNCJrYfY6q_5_ayH3xha9LYlg26oCxghSfstchQ-2uhlZhRGSdlEiZzo6Lt3K_6N8923LtcPtla8KmbJRDfqqDvVhbJ8Vq0fm8VmumqCIAwpFew0DS9cLyjtmNzqgB9lewiKQN91hrOtcbqJlDAg_fnHGXVvytrFGQJFObQREXy-d_I-fNL2j0BhDZ1I9KjAvRdwv8TBikbM7jexqaa4xo4CLs4LGeB5EX3M0YOInMMlUx2jIKDuinKhL-g-0kGFqoWgrkbJgv3UVJOTcYE1wUnCA6T_AfRfzqkLzJFNdGg6GWYoM7MWxCF6wni0Jx8EhyGtz8gb-impVpbPiQ_b8MSKjyUNjASyWXN5FAErnt5bJZlARt2wyeZoUGa1xBnyrbM_yt00W2E5-0oYctajpOadVIpYuEOg3hEifPFG2mxm5ZuOCXDIcFqfdvph_59uG2HU0L7spBOAuHWRpK7O_ks3Pq9FlYEnDj3dPJHMrjeWJmSo5iLtlgtBweF_kLKUSjqXzGvUfQ0UevQqBDlAZ7B9JH6fFa6J945ZMIJAMoSjg04FDtA0ZuoLN_XXerbR85vomYJxIhEjTYJhbza_yBUJSGWD8vk8ABXnvtxUBkVwDLDiXSxhqzSE-ViutaFm9s0qEzWnsoZxEktz0UpBDkk9TDwSVZUjopGLffvvltmZV77O8YQQcWR8lxjkx3tAhG1c7wqt-XxopOsvVyk0W6XPs8iyS0owFX4x0doDPFLtbp71C5RATvlIWV0liqTv5fgvlZ4VCnOB1n6ew4kCCQh60r4LuMpnN67tuoRb5QcFb_SCkO_A06c1ceh3bIRzzf3BfFazeE5OAiQPNkwSPeAzZw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame E84B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0MDcdKXux-MGhRwY0ppgkGhEiM_zEruUiV3On29W7lPpz-wNzBmMKzVll_tUcBS7BPzY3fcyFv_m5--yep54quunR641qICM_WsQ78QomWFsegBnbPc-h_dsSFFvATHInMtlg-6afrVfHq9U2jsDUO-kmTN2SOsT1N5BlfA7ANUMfJPuyDXraOekQ0lbXqmB7zNVG5xDqynnDz7Oy_2k3YPfANgbPVilD00vNQDba5PSr--JR3Hzq87kcL5pEhBcnVp__bfNVPwTq6aWRY2ZitXWA5ofP08GgVGI11UGZQdgq3337hTahQp4O2pwnqVPgi129Xr9pZI1Ubj0DNuWHcA&sai=AMfl-YRqGOjWYRFIGYp5RGiA1hcEUk0J-zS4Tx131SGd21eG4Wwyxaaz3nbJWCLoHxjbwl6FRi4uBpeg1Dca2_bmSG7NHwiE_blvnuO9IhCTtbBKAO6lN5MPcbFSXU8JBIw&sig=Cg0ArKJSzMR8g5xs3FTNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B603 		449 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNX6kq12YHhjuBV0kQIEWDnIGSDSHRFwNMZSWmml69sIEZBnNDfXZEFnx8q9oAquy-VGbkFr7-oIGLiukbGmCpDTzQY1K3M-wOn9QnSR71bS3yJGlpLrnkZFBtegFBTLIzpzH_jXbuQFcqksI0Kb4Qjd_X6USgsAaMCqLyKO-6ipSG7a1ZM
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6a772fe86729d7d99b1692833b687b97a06a887cbbee6156f51a9a869b2e54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
191
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E84B 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E84B 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AMv6IeZaN9GNdGty0sUkae_SEPsxeljH3kngysipjt8Lylv2p9xbG_uXfgr29ukNXG8MlVhUrGz3lGHjlOZKCG7fZensoTmD95tvMD2p1INJiwNdg
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E84B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10145685200635084819&x=8&ct=76
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d1f26a52-06b6-49c2-97c5-3d7404587760
beacon-ams3.rubiconproject.com/beacon/d/ Frame E84B 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/d1f26a52-06b6-49c2-97c5-3d7404587760?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BCDEF3782115432D45BC4E68E3E3BB9A529E09E6E2F265838206B5EA40E16565A5795B15DAC928EAF9F0BE1F8337FD75D1A9FB3686DC09CFF7ACD1C7396542290AF386182E885AEF7C5F90AEB777B3D1C4EF799F747D7BA05CE6AB9BCEC3E4B92B12E5E59E9DB46FFC9664FD73B255D17B409AE1CEF9E32502605645952F60178ED422878F54B8A05572FA1E1D762EF7A3D55C4CF3358A677D7964988F78A1D8D69DCA0BA2F7453DA2D54059CE672E25DE82A954C1004678A
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:07 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E84B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=554127903003&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E84B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=554127903003&version=m202307240101&ct=76&x=8&cor=10145685200635085000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E84B 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqThz7OhyAjSodVh3dycKQ8vxCNYf69pCtwhg7upUchPbkotxDAC7IDxjZVtHI1B-ByMA1OTbIaRDEd6WE7Vp8GwBHYMY-rUjY2c9b8t0ch_nd72YOQJP25szVypVHflzQoMlckmofJ18hKivz3ro--vp2X2QgjdioaCxewBCr2R80n5A&dbm_d=AKAmf-CMIT8K_7oCalXYEHcVZUE0sqQA5WkH9ycDauorIlVari253DLxmhtWEcixGsvLp36f2E4oZUuujHTyiMt9Bz_fIJdYj0CqbzOudxpCqvDp0hNV4RSvc8MEp0zQLoiTKDBJLY6U2QLJsgAvf6J2qwk6wL5i8FmrvSYRNZLcRHVUxL7z5FYSfmiAJG36x1BbdkjKLptqUl-qKvQMZfR5ErI8DmtrI1HnodlOSS-vwJipiXarbGCamfUGXBgju1xZJ5SjZS43mEhkmuTrrC74fwunCtUoN7WSF1KjXxFUF47DuW2MLdH_HjBSzuXRXtiErU_4hvxaC-vhTFzqlhO3JNSCRBD1lC7ozHHtmV40AuFtSZEfi6JXjdpEQ0oFK6YSzCNQQ28dHD7AF0RP2oMNbulswa7PypeWJhK9mnVnKs6srAyUacnIIJ-grE8yj1bhvTfJc4Z5Pu_G03Dkqm3a1e_Lm7A007NC6dx_iZ9fKd9U4L_j_KDBP1K758W6bJG7LvACRXJvwL1Kd4QZzDYSCAFCt0Sw22ZHG85COg6VlaXAh_h29jFTTYkwycKfaU4S_628NmkvNfdTBIcmI0m9vz-t6XIxt8kSqzKYGCrH6GRBMoupgV3yxsfAK8FfYSYUgZ1YUvv7mdg9PN-Zrh2sHfSsxQ2PvRmI1NA0xGJufdw-5FMBeMFSKPeu96eahRKf_nfZqxInxz12dKrcT8FjCX6HuxzFg3xnITsgbi3o0kRsbjvKm8h5o7wQo8QBTDvL9phXal3XXL_74xscE3n0JihHxm9w1eornruTcVT--MWdl9xSmdJNw9HfhI8N__fIA_uSOZo2M4KfkIdbO8SIWHOsEKZ6XrmVsz81Km5Zl7eBU-7UCfkPGFua55T7s_BN0lDKTfZAdxTWDw1e0FUYe5Oj6SoFH6pP6uJ-VR4SHajoG-DGLGbVWlGlxZHrFIKcxCXfBYObz5yKr9j2ucIB4df1OjivrLYSF07d3ttzGE_WXsDlBlOdN5Hli2w0inmX9lwl7sY1KulRJpLOBMw1eYuPA_EY8FBmTHMD56fzYI2BgB9WwbALyCN2ZFlZGL3qWx6P3yPGw786RrJhFh435gPN6_4W_6manBXLsLySs4g4tne7PniFwP6eKY1HtOq6ApWnSxY-98ECE6rvz0nx5bfpwTuFFOWdgwY0vEuSsozvxX-_Kc6D8MBcvcpIfcPAyKTqhgc4BhBYdcrI5OnY0b7i6YeJQlhnenR1dyBgOLR2T0AKOxupEygoaPNERu3slcgdnbt-Fbfuk54-89L7c4fNEucMJPMmqIYmBlkcUC0jJpsIacomMPIqIXfBmjIQ17q3e5erkcf4AwsDAIMZFrZHOSf1muGIz0BD8oOktQlJx7XdxeEwz0DOs3lQXW0hReB-bSsvpUMvZKqPjpQiw9S30ZVrMhvXiDdGaH5-D6ZIV4RrDew5GU-hQtM4FdwPMkoYvCsVwdGTzUdz28mvteDYN-TPptPokO4rj6lV1UkmB68wYTgNDUuU4nEvB94PdcKTFt_iOxqPRSM4sbIzKq463jReaVv3yELojwMJAZUkKU-96FBQu5068LpfV0StUILseoT4bWwPVyme0jtJxVXbGaB3URiCl919vVFHZkiqYliciB2At-SwoK5Wjq0XLlpRrkrBDILnF49Ze9sbiiFWJuYUCJhEYjda8Mik-0TvKAF_aQpnb5sobJlrZEVUp6QETjtloIBuzvGjSn5Hbzobdq6Z2CscKFQfbqKzRYEFWtIIs2k6mXUe3tRlmNOtZcs82kz7v6ejgSyR11J3uFmCuvgouDSHruVFoF4gAJibvRqy5d1eR5qbiZaO62b2RtdfzbiKGL80T8_Ir4S7LawJhqrikrtaIczIzGnTUU_8ItZqdx1zQNReYH8i-BqXjg5OuaCiZLkeiSQLVDBmvYNPY2XtzALjqVUgaVoGNfYUuQMFMbEw3K2v2IMKpohSVEM1Vl3d-O0fWnXUDLxUCrXI9jf6vvH1maRK7-r8XmG1onrwHfNTnA1f4AIj3bb22AoNuTi6YzfAr1PRBaOxL2VPgK_HebBfv_2u1uED0_xS6cYw9U1F5EYyPE5DIoXnj12Kot_W1uy-1wjG4ihRf7vMxm9RmqoCdLH9Q76_zhfnE5QBn4Nob6skFQcAqEiCAVWNwGoJ2TiZIO2wy569WzIVxS5T6yBa6TxmmzHp9uEO5z8fFXlgXCFWeUKxfT2N6paAjCBp05xuBEKgEj6cukoZFoH8yDArICsx7BgMYov4-ftNtG0_uDg-cokHRqyP5J_bKWNK92aN5K2zFcVei-m-G0KgLKt9rJEWYvMkfQNgbI4EfrdJnDu7nmnRK8uWFiNd1i-vX519lSYWtMEv_6AG0a2T8CYdAW_wws5feIkQitmh91Lz9qbVWV1RNc3NKrHF9SdcHMileK7afebkhkDJ9qlOQ_ETifaqzPXnwh_R_TGFx_nUB2SKgPxXqni4TSvl-_iH-jmc0Ucrk5f8yscO6cDuqDiPdJ6N9eG6YGaBsd5rlvb53R-tmtq-wKZ_ToV9QM_Kz3su3p0mDHsG71v48X2a9XnMVc21BTMNsP4yYEiRlPoDFiTxl5UkBJD3kbtnTRQOdhu5I8kv9XOYhq2uKLJXzf8Uz9y2OJtLYyeN8TQsX3LXpC2FPNrV01AJ7LRLi8hEV7zj7DZqBUTU4bS_eFW2oNBofOZRx8qjA2He1W7oOsJVnGPfcH-SDODDgqQkTimAptpN34rijK4Q53KWY9p_L9fscbeWxJ7CX60XwfAvXS7jWsebTMAsPOETlphJJXPuo6IcuDsUcHlfwv4DOzad1HQAJlOH439-iCgDkRysIEDZBFBm-vTtvWrEjP1FFHJcMmxy9ZKorWlH-hHGiFLxl_D_r-gg7jdSlyUPwLbW6kkjGoN3eychAM2diS_c9n1mEMbGtbS4nr0ec8zUYsehGRQRbyAJRuAL0J9lRqnGZpgw2c3i7ighkmI5wMQdiu3tI5G8J2Butj6e0nBkYtcj7rL-bRvufOdP3h73YfoHd35Q1ChuLyZH6qIEGL4n_ebKn0juvLdZ7ZVKX7sa_QPO-FL18E2SZSHq9edRqfGhzc9DphYchrD3ubk34ZR6s_6aIO36iFj9uUVmxbntLI0ppyBRIJ8JcvcvW5NGpWW8h56hUVQKWBEX6DIyrh88R77zlKJGWvZ9sMjovZBsRKSXYT3h7i6w4x3o8KxkPbMMgWRm5ypzEQqxVHng7ewpCxB8Ho0wb0tCKcvcJgAG7mDAsZERseMS69EFHBwo0Fp6rsPt1KqbUjDgmGw8giNeMcqgEGcZez_A7At3A0udebDKb_yc05nnr-fL5MkYeda17D6QX6e_iEhMkKQUP-t1KMSYS-SCYbGnrtrmZ9Sbo-oGg8I8OjO8LfWmFiYY877h7_DqpgQJbaCmCahcW-XuFJ8Yx2LIufNu0H53v6oSxyoTiw&pr=8%3AED9209E05CE63288&cid=CAQSQABpAlJWSarQKEt2TFCwqia--FrT01G85c-KZ54QZCGOhCI3hFFwT0_a2egIa4s16uDX0uWmG1dofATsCBpKyygYAQ&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&ds=l&xdt=0&iif=1&cor=10145685200635085000&adk=2333960081&idt=70&cac=0&dtd=5
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
507307e24f462c9feefd78e73630eb45567d5f822df81081e1106e0e8f0bbde3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41584
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B603
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm
  • https://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESEG2vVlfdfD8KSPaUOq8s_7g&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzYwMmIyOTk2ZWQ1MjVlOTJjMmZhYjI0Yzk2YjZkN2E&
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzYwMmIyOTk2ZWQ1MjVlOTJjMmZhYjI0Yzk2YjZkN2E&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNX6kq12YHhjuBV0kQIEWDnIGSDSHRFwNMZSWmml69sIEZBnNDfXZEFnx8q9oAquy-VGbkFr7-oIGLiukbGmCpDTzQY1K3M-wOn9QnSR71bS3yJGlpLrnkZFBtegFBTLIzpzH_jXbuQFcqksI0Kb4Qjd_X6USgsAaMCqLyKO-6ipSG7a1ZM
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 16 Aug 2023 20:05:08 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=MzYwMmIyOTk2ZWQ1MjVlOTJjMmZhYjI0Yzk2YjZkN2E&
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
rtset
bh.contextweb.com/bh/ Frame B603
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_dbm
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
49 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNX6kq12YHhjuBV0kQIEWDnIGSDSHRFwNMZSWmml69sIEZBnNDfXZEFnx8q9oAquy-VGbkFr7-oIGLiukbGmCpDTzQY1K3M-wOn9QnSR71bS3yJGlpLrnkZFBtegFBTLIzpzH_jXbuQFcqksI0Kb4Qjd_X6USgsAaMCqLyKO-6ipSG7a1ZM
Protocol
H2
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-clmxg
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMYJ-wVCW446xTcTZlatXAo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B603
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=547259&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcontextweb%26google_hm%3D%25%25ENCRYPTED_VGUID_B64%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Nl9MX29BOUJuUE1PM3R1endELXdLUQ&pid=547259
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Nl9MX29BOUJuUE1PM3R1endELXdLUQ&pid=547259
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbIhtYEEM2TpN8EGIrL8O8BMAE&v=APEucNX6kq12YHhjuBV0kQIEWDnIGSDSHRFwNMZSWmml69sIEZBnNDfXZEFnx8q9oAquy-VGbkFr7-oIGLiukbGmCpDTzQY1K3M-wOn9QnSR71bS3yJGlpLrnkZFBtegFBTLIzpzH_jXbuQFcqksI0Kb4Qjd_X6USgsAaMCqLyKO-6ipSG7a1ZM
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_hm=Nl9MX29BOUJuUE1PM3R1endELXdLUQ&pid=547259
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-clmxg
expires
-1
skeleton.js
fw.adsafeprotected.com/rjss/st/1549653/72464741/ Frame E84B 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1549653/72464741/skeleton.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cff1393ef93cb2081bbbd0f000f84466e6af9fb698baef17bc488127fe23f261

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E84B 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 05:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 05:22:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame E84B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/omrhp.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 22:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
78142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 22:22:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame E84B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
75162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11536
x-xss-protection
0
server
cafe
etag
2200807439755941123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 23:12:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E84B 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 03:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 03:20:51 GMT
usync.html
eus.rubiconproject.com/ Frame 37B2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 16 Aug 2023 20:05:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame E84B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ7JsQb8NQUiOh2pIX9NeJ9z6i_PnrGKoPJ9o7_OQe2eYLaIKI6-SfOuNGI9sFEsN5L1qcXwRomZi50gydySAlNE9qZj_dzBdwjrRMHu_LddLt4YJvjKlbU6x6gKCBZ2UG0BeHpvEp4IkfPeqoSTNZwmSymNeDts8vZwrjdIcgdi1AL4geMEVROJozB-b0CRRM-sDcDCeyTWZ1WECXPB2i_nCwzrkjWBYOegFjQOVGaqOsXZ9i2pZ2soskM0IFEO-BRoIz3xBdvcm5rLSEuZVaSmp9StD0prlge-5EHH4s04c7fg04yK7k6bU2TuMDxu08Lnup0u1Fv8Ae9vNUX3i5kKFJ&sai=AMfl-YQcYdyvhHF_VZ9boMrNQ7aRd-eKeSlnE8G-bcUXLcFYdj8OvuM4dmvjBuvyJmp_NRr2JRvGloTrzje8NvwacEIwa-hwtKNyUnXYWhdArjdq5t4-gW6O5mwm7OINfu0&sig=Cg0ArKJSzEzTPdoU-EnYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:08 GMT
truncated
/ Frame E84B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5aa89cde14900c60fc7cd0b083bd197c7fdcc6c0e689ab3ab804067f757fd37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 37B2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 20:05:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Aug 2023 01:16:12 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=18668
Connection
keep-alive
Content-Length
10116
Expires
Thu, 17 Aug 2023 01:16:16 GMT
4a.js
static.adsafeprotected.com/ Frame E84B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1549653/72464741/4.js?adContainerId=brand_safety_9CvdZO3lHPGZjuwP_8-K-AY&cbFunctionName=goog_wrapCb_9CvdZO3lHPGZjuwP_8-K-AY&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H2
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
date
Tue, 15 Aug 2023 19:01:33 GMT
x-amz-cf-pop
CDG50-P4
age
90216
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
BQjx45epcQXpQAXxqXB-OopfQpqvKH3SC8p0TvlLgH83YjPHby7BXg==

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3761 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2450:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 62c19c8529da15502cb35329ecc9b474.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
28441732
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
XVkoYjHNXGL9xif4MewXQANIHtTBKjF6nXVjpE2198kTn1d2k76bTA==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 52FE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
82574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 21:08:54 GMT
expires
Wed, 14 Aug 2024 21:08:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16657667486557792069/ Frame E93B 		2 KB
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16657667486557792069/index.html?e=69&leftOffset=0&topOffset=0&c=QEuQNLQW9O&t=1&renderingType=2&ev=01_250
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10758a73345558a9e7da252a34f9f613d42486a847875f938d71232b6bfe040e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
756
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 20:05:08 GMT
expires
Thu, 15 Aug 2024 20:05:08 GMT
last-modified
Wed, 28 Jun 2023 06:22:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E84B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-vbFI8-oZCa2ijyWxW-aZZuyvR6XeLr5HOonopm8t48oZJF5lopWzLT1ZmILY5lH_aKCW7ww4uroneYBwlSkvksBA0my9F-SCuPDL8wBjIzOff0VB6VaekJVItlHSxMfSPXVty5fSAfibWyX6bF0Ocg9uY1oz4lLn6yNPkRXVP5ihfhOUGxcX0KpgPZwkMk2b9glJlmOgejPpZGMK4UMGLs92SQdJntzCsCGEABnVmwGRdvgGZbDm1-pv46ZLOajpM5CZkBvEDQve8xlawU-7CkAawUMAI_QF2tAxciSdI9-goWhO9MWZml5tA5zuRBpvltyhoqWcCizSFMQHI4PhAmMv5GhwxsrDQ6xz6svIia9X2jTTcu_Fk3GKdeY7AbJzARf86r5EoKRWJozL0snwhe2snDkHkffgsZ82lZfLeqGin6ASf9TdxFtiTLTHFudnqG0jC-2gHAB-S0iXWVKbMxks-8KLhjnQS5_OPHqhFgfd-K1-U3moMvm-rIGj_2UNYP4uVXZqXWhuMUDH8y4JxBykATXrFwVq78tHf0wLeexnTWoxzgM4jGyOXkRYDFSAaRNMUZzuRmLX89li0n9HIKBgQF4KliNql1ba4S9T6brVhu-XjDA9MzJTta_vWxtHD4e2n5v5z3Eg_JJfw5zIJPpuV7Oh8YCfkUqAeNfOXn1s1ukbeZzqPpjm6cNm5yh7eITmKjd4ETs2Yxuok2y6RjoU705VDmUe47ip3j96o3C72mDzFv9QniFW0WMebc2lBZbMiu4qt3lRVGJ2SNU4F-PWlux_1i99ZP8a8QDAl_m7thhjY5JaE2eN8AvwMlOsPHCgH0wvOpdabBmlk7jjFxDuXGNsmiD7QVXc1dw6eF89WxEfcVRrg30lsLb6-vewJvkbXLXr9eoz0hCZOc4jte_QT28ahud7TQX4SeJGz0Je7rZzbDxTWvPwGt8slAPldFa63vRY6P6l2cvStY33ZOmdn7ukL3paz7_YkL7bX5UpP0M25xo_eiPRkxgcqR9AypSKUpzdA9EE-2_0SG15KuMKs-uDTddAPojy8cXacLjQP1l8R1bgYvS4AahbUHgBiIBLp0Wc3aRL23f1XqH7pEcewou35QTbo8oN_blqpeC3_9TT0njS4LTXFuFHBfApcTkvEgQgaMQwt5ZZUaSKpP6Ft1-2RofM6jzVaSlSXC2P4UZBh5KynZRbVj2c47LQ4Ug82JLJ52_n1KzWjuuxJOChLXERe3l1S5DvUIP8r1pz-Nom6gEhmeeR5Wv3uqgOkthEefQ5XsI_cOowLS5spQhr&sai=AMfl-YSR1f3G1h52Zb48W2souijGO_6lqlHo6eIYaD3pixMKyQOKV6PH01E6_Wz7r-l7vh_HW-kl_gyjqQ8emlyvW4j7R6_iIAS3n5owot0Ibjc_I4W1E19i2kDuY-iYljuMkS4WUsSe0aX3Zs61oPDQxhsLrcPiTwFHOmjhvjyUaxfqcxhFjKaqR7nruQ1706Ds5PdiJ2ytjXLEFyug19xOujTY1Ckqmt3TvxN2TcJHq0FhbyV-tRky9WLqe_uco1SeUo7uxVzbg0oP_hWjYJilh8djAEbFYjKK9ipMUIfv9BcRvS8&sig=Cg0ArKJSzMOq1KMm7aMDEAE&uach_m=[UACH]&pr=8:ED9209E05CE63288&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&cbvp=1&cstd=173&cisv=r20230815.91037&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 16 Aug 2023 20:05:08 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=366ce9cc-badc-a79a-19be-6fe5a09aec0f&tv=%7Bc:lurOzX,pingTime:-2,time:142,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:657,mdZ:699,beA:718,beZ:719,mfA:721,cmA:722,inA:723,inZ:728,prA:728,prZ:749,si:758,poA:767,poZ:796,cmZ:796,mfZ:796,loA:811,loZ:815,ltA:859,ltZ:859%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:36%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:67.1110.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B134~0%5D,as:%5B134~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C196%7C197%7C1981%7C1982%7C1983%7C1984%7C1985%7C1986%7C1987%7C1988%7C1989%7C198a%7C198b%7C1991%7C1992%7C19a1%7C19a2%7C19b1%7C19b2%7C19c1%7C19c2%7C19d1%7C19d2%7C19e1%7C19e2%7C19f1%7C19f2%7C19g1%7C19g2%7C19h.1549653-72464743%7C19h1%7C19h2%7C19h3%7C19h4%7C19i1%7C19i2%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b41%7C1b42%7C1b43%7C1b44%7C1b45%7C1b51%7C1b52%7C1b53%7C1b54%7C1b55%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1b93%7C1b94%7C1b95%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1ba3%7C1ba4%7C1bb.987057-61527017%7C1bb1%7C1bc%7C1bd%7C1be%7C1bf1%7C1bf2%7C1bf3%7C1bf4%7C1bf5%7C1bf6%7C1bf7%7C1bf8%7C1bf9%7C1bfa%7C1bfb%7C1bfc%7C1bg1%7C1bg2%7C1bg3%7C1bg4%7C1bg5%7C1bh*.1549653-72464741%7C1bh1%7C1bh2%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bh*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:41,slid:%5Bgoogle_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0,google_ads_iframe_/2084257621807321066/FJ401M/FJ401M-DDA.A_0__container__,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_1_ad,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_0_col,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zone,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1_zonewrap,mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2_1,mntz-sticky%5D,sinceFw:91,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enabler_01_250.js
s0.2mdn.net/879366/ Frame E93B 		0
0
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E93B 		0
0
script.js
s0.2mdn.net/sadbundle/16657667486557792069/ Frame E93B 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame E84B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssx46cIuT3cwoEdw0nuTC80oVO67wfuK_aITz03yWM8RxJ2VyWKRQN1btN9aZ_KmeuR4oQW79jZ3cSyiJG-FSt9jkGZH5RoGOtvycuOacUcdXSAyBYWNdHEJjGXoSUVolmO06T7db-roFl_99rJtxDJGUwLWVZfcJD3jNmiGOQC8cOEwJ0wB-fqjXnRB7YaLceKTQoLQK-j1DIygOjNQxaU&sai=AMfl-YRzPryHUkFTfyZMkLa88DbvpMO33COjQT6eZQhby3Gn-eYxzb9xPzLLjpSaYv0a6P-BrFwlF2U-JZLg006CyZ_SkNvKUO9l7gRzXAyexiaI3QNV236QRqsU63mQautD0riS0HrFoOnLSLhCZyJr519Lzpl3eC5IuA&sig=Cg0ArKJSzGyU1u6Lj_N8EAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/depersonalization-derealization/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
pagead2.googlesyndication.com/bg/ Frame 52FE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tyUIhHw5nENfoko-nEflzhLvuy8DlML_neBMnK0HbY4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 19:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14666
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 19:41:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E84B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss-vbFI8-oZCa2ijyWxW-aZZuyvR6XeLr5HOonopm8t48oZJF5lopWzLT1ZmILY5lH_aKCW7ww4uroneYBwlSkvksBA0my9F-SCuPDL8wBjIzOff0VB6VaekJVItlHSxMfSPXVty5fSAfibWyX6bF0Ocg9uY1oz4lLn6yNPkRXVP5ihfhOUGxcX0KpgPZwkMk2b9glJlmOgejPpZGMK4UMGLs92SQdJntzCsCGEABnVmwGRdvgGZbDm1-pv46ZLOajpM5CZkBvEDQve8xlawU-7CkAawUMAI_QF2tAxciSdI9-goWhO9MWZml5tA5zuRBpvltyhoqWcCizSFMQHI4PhAmMv5GhwxsrDQ6xz6svIia9X2jTTcu_Fk3GKdeY7AbJzARf86r5EoKRWJozL0snwhe2snDkHkffgsZ82lZfLeqGin6ASf9TdxFtiTLTHFudnqG0jC-2gHAB-S0iXWVKbMxks-8KLhjnQS5_OPHqhFgfd-K1-U3moMvm-rIGj_2UNYP4uVXZqXWhuMUDH8y4JxBykATXrFwVq78tHf0wLeexnTWoxzgM4jGyOXkRYDFSAaRNMUZzuRmLX89li0n9HIKBgQF4KliNql1ba4S9T6brVhu-XjDA9MzJTta_vWxtHD4e2n5v5z3Eg_JJfw5zIJPpuV7Oh8YCfkUqAeNfOXn1s1ukbeZzqPpjm6cNm5yh7eITmKjd4ETs2Yxuok2y6RjoU705VDmUe47ip3j96o3C72mDzFv9QniFW0WMebc2lBZbMiu4qt3lRVGJ2SNU4F-PWlux_1i99ZP8a8QDAl_m7thhjY5JaE2eN8AvwMlOsPHCgH0wvOpdabBmlk7jjFxDuXGNsmiD7QVXc1dw6eF89WxEfcVRrg30lsLb6-vewJvkbXLXr9eoz0hCZOc4jte_QT28ahud7TQX4SeJGz0Je7rZzbDxTWvPwGt8slAPldFa63vRY6P6l2cvStY33ZOmdn7ukL3paz7_YkL7bX5UpP0M25xo_eiPRkxgcqR9AypSKUpzdA9EE-2_0SG15KuMKs-uDTddAPojy8cXacLjQP1l8R1bgYvS4AahbUHgBiIBLp0Wc3aRL23f1XqH7pEcewou35QTbo8oN_blqpeC3_9TT0njS4LTXFuFHBfApcTkvEgQgaMQwt5ZZUaSKpP6Ft1-2RofM6jzVaSlSXC2P4UZBh5KynZRbVj2c47LQ4Ug82JLJ52_n1KzWjuuxJOChLXERe3l1S5DvUIP8r1pz-Nom6gEhmeeR5Wv3uqgOkthEefQ5XsI_cOowLS5spQhr&sai=AMfl-YSR1f3G1h52Zb48W2souijGO_6lqlHo6eIYaD3pixMKyQOKV6PH01E6_Wz7r-l7vh_HW-kl_gyjqQ8emlyvW4j7R6_iIAS3n5owot0Ibjc_I4W1E19i2kDuY-iYljuMkS4WUsSe0aX3Zs61oPDQxhsLrcPiTwFHOmjhvjyUaxfqcxhFjKaqR7nruQ1706Ds5PdiJ2ytjXLEFyug19xOujTY1Ckqmt3TvxN2TcJHq0FhbyV-tRky9WLqe_uco1SeUo7uxVzbg0oP_hWjYJilh8djAEbFYjKK9ipMUIfv9BcRvS8&sig=Cg0ArKJSzMOq1KMm7aMDEAE&uach_m=[UACH]&pr=8:ED9209E05CE63288&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&vt=11&dtpt=81&dett=4&cstd=173&cisv=r20230815.91037&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 16 Aug 2023 20:05:08 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 37B2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame 37B2 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.108.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-108-9.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 16 Aug 2023 20:05:09 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 37B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LLE5VZDS-S-8PAF
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LLE5VZDS-S-8PAF
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LLE5VZDS-S-8PAF
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 16 Aug 2023 20:05:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LLE5VZDS-S-8PAF
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58160/ Frame 37B2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LLE5VZDS-S-8PAF
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LLE5VZDS-S-8PAF
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:05:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LLE5VZDS-S-8PAF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=e4eeaa34-fd9e-467a-88dc-07d29f917996&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=e4eeaa34-fd9e-467a-88dc-07d29f917996&expires=30
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=e4eeaa34-fd9e-467a-88dc-07d29f917996&expires=30
Date
Wed, 16 Aug 2023 20:05:09 GMT
Connection
keep-alive
X-CI-RTID
47567d15-5015-4ccb-a9f0-86a8919ca0a7
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8117099621253661539
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8117099621253661539
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8117099621253661539
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=a6APOUbXUbtoMBmgfhVbKbKi0Yg
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=a6APOUbXUbtoMBmgfhVbKbKi0Yg
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=a6APOUbXUbtoMBmgfhVbKbKi0Yg
Date
Wed, 16 Aug 2023 20:05:09 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 37B2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9141c9ca-06b0-4ec1-84fc-83b26d2029e8
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9141c9ca-06b0-4ec1-84fc-83b26d2029e8
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:08 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9141c9ca-06b0-4ec1-84fc-83b26d2029e8
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
659834
content-length
0
expires
Wed, 16 Aug 2023 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=366ce9cc-badc-a79a-19be-6fe5a09aec0f&tv=%7Bc:lurOC7,time:276,type:e,im:%7Bimprf:%7Bttecl:270,ecd:118,tsecr:43%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:276,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:36,wc:0.0.1600.1200,ac:67.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B268~0%5D,as:%5B180~0.0,88~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tN83882+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C192%7C193%7C194%7C1951%7C196%7C197%7C1981%7C1982%7C1983%7C1984%7C1985%7C1986%7C1987%7C1988%7C1989%7C198a%7C198b%7C1991%7C1992%7C19a1%7C19a2%7C19b1%7C19b2%7C19c1%7C19c2%7C19d1%7C19d2%7C19e1%7C19e2%7C19f1%7C19f2%7C19g1%7C19g2%7C19h.1549653-72464743%7C19h1%7C19h2%7C19h3%7C19h4%7C19i1%7C19i2%7C1a%7C1b1%7C1b21%7C1b22%7C1b23%7C1b24%7C1b25%7C1b3.987057-61527017%7C1b41%7C1b42%7C1b43%7C1b44%7C1b45%7C1b51%7C1b52%7C1b53%7C1b54%7C1b55%7C1b6.987057-61527017%7C1b61%7C1b62%7C1b63%7C1b64%7C1b65%7C1b7.987057-61527017%7C1b71%7C1b72%7C1b73%7C1b74%7C1b75%7C1b8.987057-61527017%7C1b81%7C1b82%7C1b83%7C1b84%7C1b85%7C1b91%7C1b92%7C1b93%7C1b94%7C1b95%7C1ba.987057-61527017%7C1ba1%7C1ba2%7C1ba3%7C1ba4%7C1bb.987057-61527017%7C1bb1%7C1bc%7C1bd%7C1be%7C1bf1%7C1bf2%7C1bf3%7C1bf4%7C1bf5%7C1bf6%7C1bf7%7C1bf8%7C1bf9%7C1bfa%7C1bfb%7C1bfc%7C1bg1%7C1bg2%7C1bg3%7C1bg4%7C1bg5%7C1bh*.1549653-72464741%7C1bh1%7C1bh2%7C1c1%7C1c2%7C1c3%7C1c41%7C1c5,idMap:1bh*,rmeas:1,rend:0,renddet:svg.us,siq:41,sis:210%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:09 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 52FE 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNwPc9CvdZO3lHPGZjuwP_8-K-AYAAAAAOAHgBAI&bg=!Pj2lPWnNAAaiGN5Pghg7ADkAdvg8WoOka1Y1Dk--2t-2-OSlL3hfeZlFLR5QyNY7l-1jq1ArsKrNTg2pd50LtbAGefCfEmnEioACAAAAWlIAAAAFaAEHCgAUCp_3CinGgDXRchx0jaj2APAuHEyZAvEe3vpZOW0LP6dzKJlPPmvJCZPXx0a4oVaT8GighSI8PaLWBb2BZw5-jgQoZwl-vWQ806778fh-ZZ7KHGywexnNQ-QL_GsQehnfUpP576qnQC79MRomL_EaHxWgzRG9Q7lusW5vad1T2iwzGR-7Q779aFiVTlyKDMPY9c6UX6ZHkDymfoUyonvEXgI3lH2RvTY1DFYltxGGkG1GVSYsSdw1WXNXnGHf8yRpDZRSjHSN-xUZ5D7Q3HrlkscDXdPoNS_FKJ2XqKdaZnlxwg4KKDMXGXnYis0y2sbfFS4FZNWcAnP1Kyla6Q6Vct6-uFcMWB5XiYNlceNDtxK-CuvtTK7xMOXA95Z_mQIMC7HeyyCFfNXnqyRxTa6ym28CwFRGOkLt_rx4ZGvHGowKiawGeuY4QLYVLslLK0u6cXM3L5TTVDuJRjnYp-VWz5KHlTkaitbYspqcQACdfBZaOqy65bdeUWso4qs0ROs41thltSfFy_iGeaQUC9B__rXuAfO4CWoJyUto6EKUx0UVaoD-YNTeDFK6vHO2r1gO2EMiStoTAkUucoihENpfjxwALzmhD39KvWR_CvW2FAyV16Ens3TWeVYbQB64otkbb1IsLaiftRKXnYLGYPi4QU92cubtoqmxy4liwVZFK8ofY8kY6Nwh2V72b6pAN-8e6GnJXkBJSHGFX3kOzke3xY8G8rU5Qs2G7o-oOlwN0prsRjmnE_10ktPEGRoxcdg9hk9NWkAJNUy1PET3itLqzz7eaFpAHqWO5u1bbPuCVHPd246W6khGgjOQSzmMHCovn9zZ93QVIH8mMk9wGL0NVFHxJ73C3f5RRXFuYjC3i-CgB--CtFMx3vythERUBAyYZgdMAn00cCn-gbL6_HunDFael8bFyjSwWmV7LqLeBxKTkh5LvGdyI_B0PvDRmW5KeIO5DFQ8V9QQO7QvD-FEGBgKpioiaf9R0wyivEFgZk3O_IFbb8AxQSwUJAebwvRrCNx2WNAChkc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1549653&asId=366ce9cc-badc-a79a-19be-6fe5a09aec0f&tv=%7Bc:lurOFm,pingTime:-10,time:477,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692216309172%7C%7C5a8ee45436c17d4aec223a786450c43a%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7C39cc8910e5b72fa7985bef3eed49b0c5%7C%7Cd1174a235da304e5e749bbf593f4ae2c%7C%7C5b730df8415e26c71cfb968b0b8d79fd%7C%7Cbf89bfbf39220a0f46426cae03a59154%7C%7C8ad22f66efabf618badc295787ee1b9a%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:a4b4:a840:33fb:2084 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:09 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame E84B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNz1YiFR1iM7n6sjlAdiIZy6ts2tXcxszmbs74AHU6o_-QkX9XtYRNtS3qNqlhgD1wbKFdFdHjDvxUFGNhyii73cxgMcVf9H28AO_9G3ARshPe-hOZ&sig=Cg0ArKJSzIN0OsLxCmm4EAE&id=lidar2&mcvt=1000&p=1110,67,1200,795&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692216307978&rpt=684&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/saambaa-bloggernetwork/b-ee4b1d5-71f746a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E84B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=554127903003&version=m202307240101&ct=76&x=8&cor=10145685200635085000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9ZaT-fzhgAMVqoiDBx3aHQE8EAAYACDO7a9PQhMIot3V9_zhgAMVAdd3Ch1RggbX;met=1;&timestamp=1692216311877;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1642 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9ZaT-fzhgAMVqoiDBx3aHQE8EAAYACDO7a9PQhMIot3V9_zhgAMVAdd3Ch1RggbX;met=1;&timestamp=1692216311877;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIiPWc9_zhgAMVfImDBx2fjwB2EAAYACDE0qFbQhMIk-Dx9vzhgAMV2do7Ah2Qbgm5;met=1;&timestamp=1692216311938;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 1B34 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiPWc9_zhgAMVfImDBx2fjwB2EAAYACDE0qFbQhMIk-Dx9vzhgAMV2do7Ah2Qbgm5;met=1;&timestamp=1692216311938;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIoZSe-fzhgAMVTYiDBx05vQqVEAAYACDO7a9PQhMIi9zU9_zhgAMVd5qDBx2-yQ7b;met=1;&timestamp=1692216311961;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9576 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoZSe-fzhgAMVTYiDBx05vQqVEAAYACDO7a9PQhMIi9zU9_zhgAMVd5qDBx2-yQ7b;met=1;&timestamp=1692216311961;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI55Ot-fzhgAMV7oyDBx3g7wjHEAAYACDO7a9PQhMIi8bU9_zhgAMVgQGLCh3apAQv;met=1;&timestamp=1692216312111;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 10F2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI55Ot-fzhgAMV7oyDBx3g7wjHEAAYACDO7a9PQhMIi8bU9_zhgAMVgQGLCh3apAQv;met=1;&timestamp=1692216312111;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI-6rN-fzhgAMV7YiDBx1lKApwEAAYACDO7a9PQhMInp3j9_zhgAMVkUTgCh08UQZz;met=1;&timestamp=1692216312144;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 48B5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-6rN-fzhgAMV7YiDBx1lKApwEAAYACDO7a9PQhMInp3j9_zhgAMVkUTgCh08UQZz;met=1;&timestamp=1692216312144;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIlOml-vzhgAMVco6DBx1_cAfKEAAYACDO7a9PQhMI-8n29_zhgAMVk9F3Ch034Quc;met=1;&timestamp=1692216312950;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 498E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIlOml-vzhgAMVco6DBx1_cAfKEAAYACDO7a9PQhMI-8n29_zhgAMVk9F3Ch034Quc;met=1;&timestamp=1692216312950;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Aug 2023 20:05:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIvdHh-fzhgAMVs4GDBx0Azwp4EAAYACDO7a9PQhMI7tXl9_zhgAMVjDbgCh3hnQlv;met=1;&timestamp=1692216313126;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 705F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGm1asyBg4o8P9jpJaB-v40&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22183673442dfb3e92%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&s=3167ca6a-d1ce-4e22-8608-f389dc511e7f&pv=644e8615-25a7-43f0-a897-24ed48a18810&vp=mobile&lib_name=prebid&lib_v=8.4.0&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/a/c
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Domain
targeting.unrulymedia.com
URL
https://targeting.unrulymedia.com/unruly_prebid
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&tg_i.pbadslot=%2F65889844%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1919d9bfa82eb709&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250_desktop&slots=1&rand=0.11165044909457489
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.4.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-0%22%2C%22callback_id%22%3A%22193c5678b66da869%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250_desktop%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fdepersonalization-derealization%2Ftest.php&bust=1692216297939&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Depersonalization-Derealization%20Test&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.4.0
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRyPz6zlyMB4FAP1BVi3H3bxIRwIE_r_7VN8KDPbjnlP9TLr1aboe8MfkuJgNF-1VZPSraetchrNXAY1_nMFAvG891USxdUlPKDrVIXwDg1hChJd0-CJYmkCJKqsny4OYa3Yblafl1jlv-c79XIz69p7oqiqhNs5mm11d2RhQLbnnPVqPoQH5MWOTkjZ2bpmNVGi4XeQAoaEk_63dx6gWTOFuozL_buv0En1W5ZvXZqqdDHV6138q-kg26gDZUkrvYsXtAB9plE7h1F2K6Vomtrxr7odMr1vHZq_eYib_LgBzoKpPEGm40e9hMSUUtjf1OMHHj_cFUMTCa4BACMoeP&sai=AMfl-YQXFXi5vOvAbwvZCw2gdjIk_O1UMNF2O-kLpV7riS9HiZnE6Bw_wEN6ccbdj3fgmbDPq_Halda_nSaVHtutJdg1KN_pfqD1-RvU6X_VpITumLle0RvNffQGDpjpODk&sig=Cg0ArKJSzNHwkpLvMtzwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ7nosgDvw7FG7JBVhky_hJZ6MMwibcvlmg_HlLEwJTnu-hD22WZVX62BnqSX4k7AzegRxtZGUoSwlmtCxs-eBxiDNuC6x-bG54S0jI8l0mV3tzQqw&sig=Cg0ArKJSzMI_lwzZaAwrEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1246821082&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692216292433&rpt=7521&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6ZRWDVMdNq6shm40eI9Z6nYkSoWy1XfAgda52DQk4rKFV3DHQuEaKO14tBQj0_uI5JY1EcaGu7dsq5pXPweyn8T-1P0t25woWwIM5Q9DUXRiNGRu8&sig=Cg0ArKJSzBmE2IPTToKpEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230814&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=495745907&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=2&r=b&rst=1692216294538&ec=1&wmsd=2&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTa6dSiMYrkWqGnCfrUQZmBvtd0Mx1Bsp8k4K_cl11kq6wehX6QDAbxc4F9jZZ4-vMF5UR--FQLHVgboOGVD0hSf1I74MKPH1d7ScH7MwboFyurOkPBmcy7yeZDpD41YvxG6FJvzuhpf5MRVb68PsoatCT9wMK7cB6HVKFeSrsNHs0GfePPicf0-tFkNMJMYaq3vDSwVgI6yiKj6wZsLUj6-EBgHAeV6S6-SYn_feEnje19pYuflupzmqU45Vqy6jxcl22LjH5-CK09p-1mG9E_OTG-H62iyHe2JOCzA6O4SD72xD5m7lrHqYba26wW2-qm2lyFet3Jr6bm3AX5wHczw&sai=AMfl-YQ-hCfgNFSopDnKXaSQLqd8ynU7VoQm8XqonhmVqN8yPkWFJj6PrLTTVuwjKj6tlL750qoofJibXwGcmv6QTpOQJhVQCVtHapfHZ1DAu-n-2uWhDsVeV9-QnCyjdEs&sig=Cg0ArKJSzBxb_3RMfUayEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230810&st=env
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4JJy7PynX03OlDPN_LkS6qsVFpw4b2FIz6ue4QDP8rjARjlmGCVy-9uMoPcbGa5yeEnATnhSxRPBra9whJbOYh4yGLrVD5Khl4zdC9OFooP_NhrAz&sig=Cg0ArKJSzMpQGvD6Fk3YEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=965386203&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1692216294486&rpt=7398&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-jrfnHnyfu1jsZndCr0QTUv3zfk4AKjFoOntB2COaujJ4qYwvNm1nUKSQQZzrrYsH8KPnoO69GgIAR0HDvbQVkE8R403gxGmubHz7aInGKDYE21qt&sig=Cg0ArKJSzLZrK0YBpsuqEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230814&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=2460199046&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=2&r=b&rst=1692216295195&ec=1&wmsd=2&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/5401670607341155244/script.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPfDYChDg-jEQ8vkIJgSOxTi_dfLfvS7IyyssoIA_fj4MhQnB-AmzK2f1hv7f_WQonTJZ5OnyhXlyKR4RZu_wd9855LXO5UTOtnEZLr4mq6Mqn690W&sig=Cg0ArKJSzHMiYgppYYPGEAE&id=lidartos&mcvt=12288&p=1110,67,1200,795&mtos=12288,12288,12288,12288,12288&tos=12288,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1692216292199&rpt=2879&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5ezW6cgZgj_kY1beqpvCXxx-mbvRWybntGIq3KGPCdpf6V7vbGpTe4pi2iU5KJVAwP55ao0qoB2Wuzjh9-qW8iT6eMZehVZENutMh2CKTU2k&sig=Cg0ArKJSzCJksmAXkwEnEAE&id=lidartos&mcvt=7149&p=0,0,90,728&mtos=7149,7149,7149,7149,7149&tos=7149,0,0,0,0&v=20230814&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1692216292199&rpt=7868&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/16657667486557792069/script.js
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvdHh-fzhgAMVs4GDBx0Azwp4EAAYACDO7a9PQhMI7tXl9_zhgAMVjDbgCh3hnQlv;met=1;&timestamp=1692216313126;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| $MMT function| $ function| jQuery number| mobile_width string| COOKIE_NOTICE_HTML function| prepareTest function| gtag object| dataLayer object| TEST_AGREEMENT object| TEST object| google_tag_manager object| google_tag_data number| currentClientWidth boolean| is_mobile function| postPlaceCanvasSlider object| $qcont object| $range function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint string| c object| blockedPages function| blockCurrentPage object| googletag function| xDomainCookie function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| _aps object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| confiant boolean| apstagLOADED object| apscustom number| google_unique_id boolean| creativeVendorLibraryLoaded object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| signal_decrypted object| _33across object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 function| setImmediate function| clearImmediate object| ID5 object| __id5_instances object| atsdetectionmodule object| atsenvelopemodule object| ats object| GoogleGcLKhOms object| plObj object| google_image_requests object| -10dbfk08b2f4 object| googDdmPs function| __IntegralASAdPush number| google_global_correlator object| google_prev_clients

145 Cookies

Domain/Path Name / Value
.www.idrlabs.com/depersonalization-derealization/ Name: qsort-depersonalization-derealizationEN
Value: a%3A20%3A%7Bi%3A0%3Bi%3A14%3Bi%3A1%3Bi%3A3%3Bi%3A2%3Bi%3A6%3Bi%3A3%3Bi%3A5%3Bi%3A4%3Bi%3A11%3Bi%3A5%3Bi%3A1%3Bi%3A6%3Bi%3A15%3Bi%3A7%3Bi%3A16%3Bi%3A8%3Bi%3A13%3Bi%3A9%3Bi%3A18%3Bi%3A10%3Bi%3A19%3Bi%3A11%3Bi%3A2%3Bi%3A12%3Bi%3A12%3Bi%3A13%3Bi%3A17%3Bi%3A14%3Bi%3A9%3Bi%3A15%3Bi%3A20%3Bi%3A16%3Bi%3A4%3Bi%3A17%3Bi%3A10%3Bi%3A18%3Bi%3A8%3Bi%3A19%3Bi%3A7%3B%7D%40expires%3A1692821088
www.idrlabs.com/depersonalization-derealization Name: session
Value: bf275f2c-a982-4318-a3d5-f99925191918
.www.idrlabs.com/ Name: nonce
Value: f97a0f54842247ae5feeae%40expires%3A1692389088
www.idrlabs.com/ Name: srv
Value: 7b38c2cb63fa|ZN0r4|ZN0r4
.idrlabs.com/ Name: _ga
Value: GA1.1.1630745151.1692216289
.idrlabs.com/ Name: _ga_WZ4R7WY0KV
Value: GS1.1.1692216288.1.0.1692216288.0.0.0
.www.idrlabs.com/ Name: cookie_notice
Value: 1
www.idrlabs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.criteo.com/ Name: uid
Value: 9141c9ca-06b0-4ec1-84fc-83b26d2029e8
.idrlabs.com/ Name: cto_bundle
Value: ywuuHF9UNFJsdkRHaWtCYmlpeDYwQXlRa29ub1FMSTc1VnNWVTVna2JJc05DSGh2eUpVNVFNbkJ5bGluVWRDaWJEZWJRMmx2WWIlMkY4VW1hc3ZsNzAwc1o5UTRGZSUyRkJHWlFiejlQMEpSMFd1YVhyYVFVJTJGdEpuR3pnb0tma2I5RG0zYXNHNDZKJTJCJTJGczB2Ump2aFJRWU1CYlN1S293JTNEJTNE
.openx.net/ Name: i
Value: ee696126-2d10-4fc8-9e51-1cffb9e9844a|1692216289
www.idrlabs.com/ Name: _lr_geo_location_state
Value:
www.idrlabs.com/ Name: _lr_geo_location
Value: DE
.idrlabs.com/ Name: __gpi
Value: UID=00000c61e99faed4:T=1692216289:RT=1692216289:S=ALNI_Ma97c6k4vKZWWi2008mBv_fsRqhTA
.doubleclick.net/ Name: IDE
Value: AHWqTUnCLgsd3d2qAnY83GinVGgJjGGVg6BKzvSBAK3hdcs8vOBukXhkenjsYDZBTqs
.casalemedia.com/ Name: CMID
Value: ZN0r4gzkfLKSDsPHFf0tggAA
.casalemedia.com/ Name: CMPS
Value: 3388
.casalemedia.com/ Name: CMPRO
Value: 3388
.adnxs.com/ Name: uuid2
Value: 6671895379648701912
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>4wUHR3!]tbPl1M>e)ZlrFUfJ+tGXxo@9uyelAmc@8=6(91DCs!e?/Pp@aaT!.CcDwl3If)y3KL9D3I?+jr5*_a
.doubleclick.net/ Name: APC
Value: AfxxVi7dqHT-1oWitk_itzvXGoFazY5NLzNCGzbh9m6FGcmHQktyzA
.idrlabs.com/ Name: _pubcid
Value: 4953a91a-1066-4482-83a5-44ad63a84979
.blismedia.com/ Name: b
Value: 64DD2BE3F147CC052ED6E2B1BLIS
.ctnsnet.com/ Name: gid_CAESEM3vP7NicmNwQ5hf513uMNE
Value: 1
.vodafone.de/ Name: oshop
Value: queryparams||b_id||1779||queryparams||shopid||2673
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBOMr3WQCEGiCkroHnLJ8Bi9cGzSY9zMFEgEBAQF93mTnZAAAAAAA_eMAAA&S=AQAAApSoDUy1bbAdwcZRXA67Bj0
.adform.net/ Name: uid
Value: 8117099621253661539
.quantserve.com/ Name: mc
Value: 64dd2be3-500b6-d035a-f287e
.idrlabs.com/ Name: __qca
Value: P0-1452886255-1692216291207
.go.sonobi.com/ Name: __uih
Value: 1
.rubiconproject.com/ Name: khaos
Value: LLE5VZDS-S-8PAF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo5zo9XfyqvUy+IXqvPVzt4X6LBWwGzep07cZe5xyGZWWolVtszb1c1qXKyMctErmC0fgKlSqg69eBxGCOXoSK1K7299Lpi5lu+xUA9sgf/4b7FQD2yB//h
.go.sonobi.com/ Name: _usd_idrlabs.com
Value: 644e8615-25a7-43f0-a897-24ed48a18810
.go.sonobi.com/ Name: __uis
Value: c245c61b-d2c7-404b-b723-97e74240e839
.bidswitch.net/ Name: tuuid
Value: a9c792d8-c433-4bda-8e77-53f3288eaba7
.bidswitch.net/ Name: c
Value: 1692216295
.creativecdn.com/ Name: ts
Value: 1692216295
.creativecdn.com/ Name: u
Value: qxGHwekWHjE8X0nVP5t0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7d12c197adad9f45
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1AhLmFoYmBsamQnyGugUePq6hXiVpOQEFngAb0sqMJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1AhLmFoYmBsamQnyGugUePq6hXiVpOQEFngAb0sqMJQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEE7jq8i2-u87OzW_hqiUjfc&KRTB&23025-CAESEE7jq8i2-u87OzW_hqiUjfc&KRTB&23386-CAESEE7jq8i2-u87OzW_hqiUjfc
.bidswitch.net/ Name: tuuid_lu
Value: 1692216296
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
.3lift.com/ Name: tluid
Value: 4274922726051267046942
.demdex.net/ Name: demdex
Value: 88308520540943341932673592611998096671
.dpm.demdex.net/ Name: dpm
Value: 88308520540943341932673592611998096671
.simpli.fi/ Name: suid
Value: A317FDC798E84381B009CBFACF0D0DB6
.company-target.com/ Name: tuuid
Value: de7ef2db-7559-4d02-83e6-4ea54366e7d8
.company-target.com/ Name: tuuid_lu
Value: 1692216298|ix:0
.bluekai.com/ Name: bku
Value: oxL99mGglVEvNu9v
.bluekai.com/ Name: bkpa
Value: KJy9xyYXd02pSUHknp/8meWdSVx2JZ5Fqt5LjP27SVx2x6aaD6PmSlHwDaJJ1sR6mDNMUNCn5AAT5Z+pJZ5Fqt5LjP2M5ZP0wEWe9mA7aGy=
.turn.com/ Name: uid
Value: 2658299185019424115
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZN0r6gAAADkb0ABV
.linkedin.com/ Name: bcookie
Value: "v=2&8942c746-781e-476d-85c2-3cb4074b76c9"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTIyMTYyOTg7MjswMjHSadjuaQGvA0AFDzqva0mqrnNBFkHYJDL/9y7sblAOuw==
.linkedin.com/ Name: lidc
Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2615:u=1:x=1:i=1692216298:t=1692302698:v=2:sig=AQGuvxwe8Ixdr4WaGXkizEK1ENILoCgd"
.amazon-adsystem.com/ Name: ad-id
Value: A31cqkF3Sk5JqzyXWYokp-0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.idrlabs.com/ Name: __gads
Value: ID=989312272d138a19-223fcc4a51de00bd:T=1692216289:RT=1692216297:S=ALNI_MbEbjG6HjzV8p3Yu8rZFh7oPEqCoA
.quantserve.com/ Name: d
Value: ELUBCwHcKfijAA
.weborama.fr/ Name: AFFICHE_W
Value: huf@VvClOqOG73
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt&KRTB&19420-1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt&KRTB&22979-1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt&KRTB&23403-1kaeTNIQnxvNR8oYgkTXTNBBz0nNFMgQ1xc96UKt
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8117099621253661539&KRTB&23263-8117099621253661539&KRTB&23481-8117099621253661539
.audrte.com/ Name: arcki2
Value: g86PaElKw7bS2uLgc28W1aDXQ!20220908!1692216300102!ip#178.162.209.136
.audrte.com/ Name: arcki2_pubmatic
Value: 366693DB-BB9B-41C7-8C8F-5D6C4D021BFA!20220908!1692216300105
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: fd1b83bffa0fb8ae
.pubmatic.com/ Name: DPSync3
Value: 1693353600%3A197_241_235_201_245_227_226_219
.audrte.com/ Name: arcki2_ddp2
Value: g86PaElKw7bS2uLgc28W1aDXQ!20220908!1692216301100
.pubmatic.com/ Name: pi
Value: 161763:4
.awin1.com/ Name: awpv11830
Value: 296283|1692216301|2efb5110-3c70-11ee-9f65-22389f6b057d
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlkZGhmbGBkYGn4C843srQwMTNYJYrgm5pYGAAAqKR_FjAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588525887814035
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6671895379648701912&KRTB&23339-6671895379648701912
.onaudience.com/ Name: cookie
Value: bb1b73b341db9703
.onaudience.com/ Name: done_redirects161
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 034d9e5c-865b-4bb4-b5fc-ef26cbf5ce15.461430302
.adfarm1.adition.com/ Name: UserID1
Value: 7268013674851530905
.zeotap.com/ Name: zc
Value: 79362f35-5a59-4786-4b3b-ef34ddf9510b
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7268013674851530905&KRTB&23369-7268013674851530905
.audrte.com/ Name: arcki2_adform
Value: 8117099621253661539!20220908!1692216302108
.csync.loopme.me/ Name: viewer_token
Value: 64dbe007-b2f0-4d01-b575-bc8fcd1f53d5
.semasio.net/ Name: SEUNCY
Value: 1D8D70F4374052AD
.awin1.com/ Name: awpv14098
Value: 296283|1692216302|2f468ae0-3c70-11ee-b5a9-2261897cac57
.t23.intelliad.de/ Name: iact
Value: 00010A186B745776D11095541E53E9A3B92A
.t23.intelliad.de/ Name: iaimp_42842
Value: 1692216302:42842:100:137:101:248:101:20230816200502239834179db0fb16
.awin1.com/ Name: awpv11601
Value: 113440|1692216302|2f4a8280-3c70-11ee-9f65-22389f6b057d
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2658299185019424115&KRTB&23150-2658299185019424115
.bidr.io/ Name: bito
Value: AAD7ZU7JulgAACQgJtyr1Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.adx.opera.com/ Name: UID
Value: OPU8c459b38ab1d4f1288f9b87817b691b4
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6ba00f39-46d7-51bb-6830-19a07e155b29.W6RqCe2c92khI0D3wUAp2AqM%2BWNIhsVuAi%2BSFn8Y7Fg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6ba00f39-46d7-51bb-6830-19a07e155b29.W6RqCe2c92khI0D3wUAp2AqM%2BWNIhsVuAi%2BSFn8Y7Fg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aa6APOUbXUbtoMBmgfhVbKbKi0Yg.FyEuuNuMcd67ixfcWNgO9KU5QB90TkTSfPF5HIFTgUw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aa6APOUbXUbtoMBmgfhVbKbKi0Yg.FyEuuNuMcd67ixfcWNgO9KU5QB90TkTSfPF5HIFTgUw
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDiVK-YR26jVEepEo_6rLPBcqCLZ2q7ucJcv21CMn8kjEHwYBCDu1_SmBjABOgTa3nmDQgQSCMUg.K8O%2FZGflTY9NJ5BV1JYkkfDFfr%2BM06c%2FlwpsScYbwpQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDiVK-YR26jVEepEo_6rLPBcqCLZ2q7ucJcv21CMn8kjEHwYBCDu1_SmBjABOgTa3nmDQgQSCMUg.K8O%2FZGflTY9NJ5BV1JYkkfDFfr%2BM06c%2FlwpsScYbwpQ
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-a6APOUbXUbtoMBmgfhVbKbKi0Yg&KRTB&23334-a6APOUbXUbtoMBmgfhVbKbKi0Yg&KRTB&23417-a6APOUbXUbtoMBmgfhVbKbKi0Yg&KRTB&23426-a6APOUbXUbtoMBmgfhVbKbKi0Yg
.de17a.com/ Name: guid
Value: 1.8984347487968648637
.onaudience.com/ Name: done_redirects104
Value: 1
.ctnsnet.com/ Name: cid
Value: 94d5112cb97d49f99bb712e217d17a6a
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8984347487968648637
.exelator.com/ Name: EE
Value: "3602b2996ed525e92c2fab24c96b6d7a"
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhhbhTYhYWbQhRTaY
.smartadserver.com/ Name: pid
Value: 2908516355434517834
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAD7ZU7JulgAACQgJtyr1Q
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAD7ZU7JulgAACQgJtyr1Q
.tribalfusion.com/ Name: ANON_ID
Value: aFntuJrZcAQ9BqEr72it9ZaBFnPrZdTv4Ag8s7xgZatTeBHHEES2Bc4rnH51FuKnRMZd0dyuPP8d8gxVWhWZasBZdv11h27
.gammaplatform.com/ Name: _aGeoIp
Value: PE|Lima
.gammaplatform.com/ Name: _aUID
Value: jtpdjcoedhb5
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-jtpdjcoedhb5&KRTB&23446-jtpdjcoedhb5&KRTB&23465-jtpdjcoedhb5
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHYzMAoycjS0iw1xdTINNXSKNkoLTHJyCTZ0izJLMU8cXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6IhfXxUUpaQyLSopPBR%252F5%252FwsAnggrWA%253D%253D"
.onaudience.com/ Name: done_redirects219
Value: 1
pb.media01.eu/ Name: DTU
Value: 6A5575A8E74D2AC028EF9ECA8EA7AC1A
.rqtrk.eu/ Name: browser_id
Value: 1:b77c6ce1-a3be-4e5f-a23a-158bdf08881e
.zeotap.com/ Name: zsc
Value: Bh%05%90%26%12.%8C%D9%DE~%7B%C3g%7Df%CC%C4%F5%D4%ACT%87%A7%91%85%A4%C4%88%E7G%C1%A1%0E%09%FD%96%C6%CC%A1g%C9%80%00%85%F8%FE%A5%A8%10%23%82%BFR%96%FE%1A%AE%B8%C8%29%60%07A%7F%FD%EC%18+LLb%13A3P%0E%AF%2Bx%2A%E6%1E
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-a9c792d8-c433-4bda-8e77-53f3288eaba7
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: SyncRTB3
Value: 1693008000%3A63%7C1694736000%3A203%7C1693353600%3A46_233_22_88_13_238_234_251_243_166_55_3_220_176_71_8_56_54_161_81_254_165_249_204_99_214_21_264%7C1693440000%3A35%7C1692748800%3A223_15_2%7C1697328000%3A69
.360yield.com/ Name: tuuid_lu
Value: 1692216305
.krxd.net/ Name: _kuid_
Value: PvTqspez
.360yield.com/ Name: tuuid
Value: 852a0131-3f31-4c52-9b0a-cf183f5ce22d
.360yield.com/ Name: um
Value: !55,3qLyPgSM2wZL5d8JZuPTkqcBi0yeT-.59y4v.SfwHTDK4T2n7XyF4cA,1699992305
.360yield.com/ Name: umeh
Value: !55,0,1754424305,-1
ads.playground.xyz/ Name: connect.sid
Value: s%3AbPCrfr23s4L2cJWsc_csXM4GvdkImpJ4.5%2F4quDptnVjo5R6KLtGOrxDYTmF7jimuRb0wX3KNEQQ
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a1a05b71-a586-4b11-a381-95e34e157a60-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a1a05b71-a586-4b11-a381-95e34e157a60-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-a1a05b71-a586-4b11-a381-95e34e157a60-003&KRTB&17107-RX-a1a05b71-a586-4b11-a381-95e34e157a60-003
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&KRTB&23413-366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&KRTB&23479-366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&KRTB&23505-366693DB-BB9B-41C7-8C8F-5D6C4D021BFA
.pubmatic.com/ Name: PugT
Value: 1692216305
.retailads.net/ Name: ppb2172
Value: 2997143073
.tradedoubler.com/ Name: PI
Value: 1z11z1z12az1f1UZGz7ab3y1y21FmOy1FRDyyy7WPTyvUky2LcSLIyyF931QtgI6THdNON2YnN0uUD9CcBhGMSiBcl5sq2njiI5ks%7a7rR_69Qn.y
.tradedoubler.com/ Name: UI
Value: 1z11zz12az19GdhyztbDyPSj5
.awin1.com/ Name: awpv22610
Value: 296283|1692216306|31c0b2a0-3c70-11ee-898e-223287d3f473
.awin1.com/ Name: AWSESS
Value: 408799:2874697
.futalis.de/ Name: raSIDb
Value: 2997143073
.prebid.a-mo.net/ Name: __amc
Value: 11_1692216291_1692216307
.go.sonobi.com/ Name: HAPLB8G
Value: s86208|ZN0r9
.pubmatic.com/ Name: SPugT
Value: 1692216307
.tapad.com/ Name: TapAd_TS
Value: 1692216309019
.tapad.com/ Name: TapAd_DID
Value: 6e25ecac-421d-4e3b-8245-e746a4560256
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ipredictive.com/ Name: cu
Value: e4eeaa34-fd9e-467a-88dc-07d29f917996|1692216309296

8 Console Messages

Source Level URL
Text
security error URL: https://07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20031722621&extPm=20031722621&extCr=487657281&rnd=3503752653;' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGm1asyBg4o8P9jpJaB-v40&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://bcp.crwdcntrl.net/gmap/?google_gid=CAESEDOvi_ysTOkGuFr62JfGesc&google_cver=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=366693DB-BB9B-41C7-8C8F-5D6C4D021BFA&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering warning
Message:
WARNING: Too many active WebGL contexts. Oldest context will be lost.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02babbf29b64ab4b37f995a95fa2e399.safeframe.googlesyndication.com
07e3669c7c9fb7918fef63138a9d919f.safeframe.googlesyndication.com
1x1.a-mo.net
23ec145b82ce5793435e87dd737c652c.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.saambaa.com
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.id5-sync.com
cdn.idrlabs.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.retailads.net
ce.lijit.com
client.aps.amazon-adsystem.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
fw.adsafeprotected.com
gcm.ctnsnet.com
geo.privacymanager.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900012.redintelligence.net
hal900025.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
img.tradedoubler.com
impfr.tradedoubler.com
imps.monu.delivery
invstatic101.creativecdn.com
ipac.ctnsnet.com
js-sec.indexww.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
loada.exelator.com
loadm.exelator.com
m.exactag.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
medialead.de
monu.delivery
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
protected-by.clarium.io
pubmatic-match.dotomi.com
pv.medialead.de
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
saambaa-static.azureedge.net
saambaa.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.adx.opera.com
t23.intelliad.de
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
tr.blismedia.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vfd2dyn.vodafone.de
ws.rqtrk.eu
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.idrlabs.com
x.bidswitch.net
x.dlx.addthis.com
ade.googlesyndication.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
fastlane.rubiconproject.com
htlb.casalemedia.com
pagead2.googlesyndication.com
prebid.a-mo.net
s0.2mdn.net
securepubads.g.doubleclick.net
sync.search.spotxchange.com
targeting.unrulymedia.com
104.18.11.47
104.18.24.185
104.18.25.112
104.64.118.247
108.128.74.29
108.139.243.44
13.224.189.31
13.248.245.213
130.211.44.5
138.201.63.145
138.201.84.245
141.226.228.48
141.94.161.190
141.94.171.215
141.94.171.216
141.95.32.72
141.95.98.64
142.250.184.226
142.250.74.194
144.76.91.199
145.239.193.130
145.40.97.66
15.197.193.217
151.101.2.49
16.16.86.227
161.47.17.28
162.19.138.119
172.217.16.194
178.250.1.11
178.250.7.11
18.155.129.80
18.198.126.47
18.200.193.67
18.66.110.17
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.81
185.86.139.94
185.89.211.84
188.166.17.21
193.0.160.131
195.5.165.20
198.47.127.205
2.18.96.187
2.18.98.78
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.185
213.202.235.9
216.52.2.16
216.52.2.6
23.213.161.138
23.35.237.56
23.88.86.2
2600:1f13:800:7780:a4b4:a840:33fb:2084
2600:9000:2127:1000:a:e047:753:6381
2600:9000:219c:e00:6:44e3:f8c0:93a1
2600:9000:2450:1000:8:48e:53c0:93a1
2602:803:c003:200::31
2602:803:c003:200::77
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:3456
2606:4700:10::ac43:db6
2606:4700:3031::6815:d20
2606:4700:3032::ac43:c5a2
2606:4700::6810:5914
2606:4700::6812:18ad
2606:4700::6812:4a5
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a01:4f8:d0a:2321::2
2a01:7e00:1::b903:5c4c
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:1700:6::17d5:a191
2a02:fa8:8806:12::1400
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a
3.124.126.0
3.220.245.178
3.65.183.29
3.75.62.37
34.102.146.192
34.102.163.6
34.102.253.54
34.111.113.62
34.111.129.221
34.111.131.239
34.120.135.53
34.241.158.58
34.91.62.186
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
35.158.144.31
35.186.154.107
35.186.193.173
35.186.231.97
35.186.236.140
35.190.39.111
35.214.212.177
35.244.159.8
37.157.3.26
37.157.6.233
46.228.174.115
46.228.174.117
49.12.16.151
52.209.112.33
52.222.149.74
52.222.253.136
52.46.151.131
52.48.108.9
52.51.140.18
52.51.98.172
52.7.131.84
54.156.84.254
54.167.179.9
54.247.148.218
54.77.49.106
65.9.95.111
65.9.95.19
65.9.95.22
65.9.95.48
65.9.95.9
67.220.224.144
69.166.1.66
69.166.1.9
69.173.144.139
69.173.144.165
72.246.169.24
72.251.241.204
77.243.51.121
82.145.213.8
85.114.159.93
88.198.250.30
88.221.169.246
94.130.102.164
94.23.99.218
98.98.134.243
007706b85d6f3739b47c0e9b6819e396021e781bc6e6ccc9ec7b423fc6a91d6d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1
014c7e737f5d8030f00cd80d58499ce60f401e30a092cd840cd2ee8bb4af66ee
01ac0a2e11bcf537ffee30cc838a38b0f76180da6db0f2a1cecabe041a4b8d95
01b72c274ed4111542b38568fcd696e04f1ef2087425a6db2e146a1c581f3afd
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
033e41b93aa2196f872217ade1947e46867a70df548e6c63f40d3c2f8051af58
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
0407e997af810be2440b9926e4707ebeb2402754c7ee84de02b0e37feee97dc9
05592ec5a00cbcb8891bf1359000261bd198a8fcb18a2dc6ffabce566a219184
05cd466978b0f61c4b880f17af4fbd68b6cf7714fb3960dffef5389d45f60d39
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f1faf371de3acd2f199ddfce07c4f1b8e61454dbc8485f144e3436c01dc2be
071c931968fe7b13fa6e785b506d1620f3b88f969a9ca9049fa6e06c1fd792b5
078bf76b96857d35c659ff64a1b6038f6a350e5f05eca8cfd8d1d776d437b22e
07b3e8115c21b35e5dc22314e89461435aca1cf9a17b702100f4d91979be00b5
08047a425a18120bdb47132b029cd83d5c0a80fab942dec79eca9175c819ba98
080bc197d57a3d9669800f997f8e4868708f4779e2fdffa173ebd6fe60b584b9
084be608909e9a93a8e6f6e741425b740e27c4d2835aa8ec73d21a4031ba326d
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09fe9153f060ce9bdd24e16e32b11c4e8b8708e1ecb454c605788112cb9ff42a
0a4fc3c070cdbec01bfc269d65ee1116373dce23b6e09c7f2105809ddc6981ba
0a5805cbedcf948d278d97131f1864f8e4b6a7d746cf129efd35cc4d85d2555d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0afd9143ce89fb191f39969896914084d223d3048a2c24493fb56ee32414dfb2
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c10c080c8b121f6d3a730ca2b36b75b42e6cad395ef80e9b5326a71a25c4557
0cc9b4bb76dff3c442af0823bab18c5d0500bf5a4d017af91beede311161e0cf
0d0091bf01bcf43c0e5f328b4dd477a15d5e0c2bdedb9e8243b20bd840dbc6ca
0d390acd69ced714ce367e63a9cf88ed6437ed8c376e17513c45064b9a3774c1
0d78583bb88c074b8770263e7e1690b71e066a924a8bb9d183389e4c904d38c2
0d9c41314ce201ce624d2d82c9c55edb1c0fc5af1f2698c25ff58b9b8eacc40d
0e00393cbb3eabec3e67ac44c8e83c619b89b3b598e35b08c7b20809816e680d
0ecfe08ca12a8ea34882598b92fc2f1ea6fcec666ae933eb498952233abfed95
0f6a59a0e5b314c46225b4e6de83476edc6123fac80a5ce8b36bca16bbf448e4
0fe7903f15668c0705c3772d257f95b24aca5a13942ada1c5120469b162ccb61
0ffe2aaab1bef4604c7a662868e7fa4293112f762c706419c72cda3f8805fb1e
101b2971226fcface7e04d37e626c0fad227aee821892e8fe4ec3d0ca6ebaa70
105a070e2462ee0dd7cf3176254dc18e291b25db3a1016084f2527637b5533b8
1060d0aa86d4cc1ce004a3bd4bdd6de7d6d167b2ae9729c7875ca45fa7d4fe56
10758a73345558a9e7da252a34f9f613d42486a847875f938d71232b6bfe040e
10abafeac3e9335aab5690171f909a2706038f790ddc4f2305b0cf7799868f0a
10dedceab30b8ec091e300bd2bc3245a32436f71923d3a9cfd26b2195a98d64f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13745cc22a703c6f57dfc8baa8b3d4cd7d0bb10f71f3fa6ae663fdfee8ff98eb
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
175ed41ba5dfc9eaa6b93d806adf38ea7f6b07800fe02c58ba2a94a37ec0eb5b
17d6702de2442bdc8fc6e31b1b9b44270b891315fb398c54828dc076877dd720
182a6d494489941e07338822bb1d1c4f02410e044e97f20aa28f364e2faba2d6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19a4179d54d28407e31fb70ce1d039bdbfabf4b8bbe97630c64054168a2bdb46
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c8251f8bc63f080d087dfc29f957f22da469c0ebb7ac292266a4e0c9a772803
1cbf439808b5e51bb4c6ed5281fa9ef82810f01154473c4ebd07deb29a4d6603
1d76a3ea01208d44c87c5f03366d6524b3b3b7180061a3e0cb83f13c11c770a1
1e08b83b3a0404836f913f3be9247a3785c929cb8d23a724bf3d7e7b50c51558
1e0c149db86996bc9c77f0ef7ab74a3c7820cd9a66f83b4d467017cb3790fd73
1e39858ac0f08360a047daf78751d859e1c327b2d85ff782c77e2d42ed0aadd4
1e3a9b608e34d3a0e9ad090e78a71c835e16a2056aa10fca2ac1202c195c36e9
1e90c5a79750e87bc56d05a46dfba04402328d78355e93dc3fca8b37e508adcc
20520a6ea0ae8a71cbe65bf7efb7b3e91d68106685b04533c0f1607d82c6e3c5
20dd75e3084b960f88feab7514ee660f4e8301fa978b1e4a344643f95e1f4bc8
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
21a2d2a1e489bd9043fe4d6224a5003b4476aa9887bffbb4317c2316e80f756d
21c21011998a4387f8c49704c0480121d223c32169d4dc1301d000b264a48479
226f1187e4ddd7c4009d4133602f6f58218c9f714e181abf1d6c6db3977382da
248266979d34661864436c20b8027e3fb96e55dc34ea9257c9780d60e99000c6
25adbaea9758142daf4d0be260e1be3b19b540b5c0a36977a08e653c1e3c3913
25dae557ff00fd9af636531bae28679c8b7b78bbbfb2c91ee37ec5960f5552cc
26a1db3d0c4a40c80623d2d3c9bd55957ac248b7b3033c355812e40c6fe06f59
271381e4fe734f81f1bd4750cd6d46a71804467e0def7532cbfb53d49119313b
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
285e9f4e69983cba9b57858c01a884e2e71f2282a83be5a4080da5003c0a3b06
297bc95664b1b2d90e4be901e537c6b63d4320a3a07c45b60e36961163048426
2a8d795f2ec87773b50b3d0244991a98dc45eeb8b5d61ae1a7bedcc1d198c43e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa79043a818aed122708cdc0ed05e6f08dada1c5c2affc136b19d0cff5d8066
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2bace19c6612e67ff13de49655f6431c589bc2a50e6d1ec9fd1b47d0cefdb61b
2c3822989f5f75bcde0e6604b6d55c029607577370ccf7fb8b9ce2d01ca6f19c
2cb45815f754fe55a08e8c2f94e04d0be447821052f7594c7b6d5bebacf149a9
2d6d6b0e276fb133984461dd144f8ea5c206103fc51b9ae881174e1af83f5211
2dca70feef3dec88c1e51b94d0d9bcae7fce8e9f618944af1f96588f9f4cbc9b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
2e9a4863bad6298472292ba942c2fc122242551a243b9c752c85b5695c803dca
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30132134195b671439e4291a9a94bcd5a6b560110bb2437960f9958a86e37df2
30d0ab61d9cb7d1775214a0c64dba6f604bf36918cbf8b9170064d20a305e91a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31dbf352eb8729ce01cb6c097e201644a4870394fc4d048597cd007b900d75e2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
336f6188869d97fcf0011817d3f20d25e6a4873d1797491361d55a02b1fb1d03
3399eb340dfbc43502ca8ffc57f962ce93fd03a76f17140d32152e334c8c27a9
33e26a78bd1579641d4cad320e389aeb773777c8f211258e3ad8fef5b469e35f
35cdbecb27218710aeb88d0627ae3314326c0c8e42d27c28efa7ca3a5ad09d79
35e7c8f8658578661e86eb14c493a06d2658607bb5138d8e7574372f188aa46c
363b50df3586c574d938d5494840665f42a8e05a3a9dee9a040b2949f349c7d8
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3706cb46cc4a1f086d9c2a5dc16e37dd0d459afb83c51788d1182e3e01e260e1
378837c527aabe7a4471f7da8b16da2ae4c96e4f3e4264d86bf218e6d5533058
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38f752afa31582f4e767008e3037ce187b0a40e93df770736fa1db46f52b953e
393da595831b4f936f42c86429760cf6b5d9442ae00628d3450ad16c47c70cdf
3ae784e01c715d770a93903a86bc9669d4a80ef969a191bb44563a3d7afaa25d
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b4c3ea8b8b45f3bb46cb16b0777895cd73fddae3011ab06a39d55f3574c30d6
3b9c1cc05afebe36aaca5962ba895806b4d4439677ad000009879d5914f78b0a
3ba9df27ad9464d447bdb55abdd186dd28b90febb2e58040abf5e0eba14e5ace
3c119d2ad7cd2fb23e28e972882ea1df524336068f1d9dce11dfa25cb0c10124
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
3de29b0a41a45de6a5fa29ef3e52e84659160b97d3d087c3e15c55679afce3bb
3e2a6649de823c0ac7db317d818540a81bb9352d82638104e043a230b0c64d1d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed20d6e2a857d7abeb7dfc4372627ac9d9051569ef5fd14cad45721f509b588
3edaff3efc1a97df0254c11f03a4e411e5327f6d03a03e518a245b70e1c4b123
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403546b0fa73838d64209e1b65c0793774de266a05248ddec476ff084cc5bba2
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
41d7496bb13fe1f49b36d7db5041537b85354cec6dd6e29f0f9682af85657c5e
41d8544168f39420ed180538612d83013fd99c0a95f81613ae749121e647499b
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
4466ea75bbfffd9b15c641392256eb85063df59eb6772f6079fd000b2756f48e
46486a3458168605c84d2bdcb13611fe529b53dd599bc541fe68348fac34d932
4658babc402d1b843399995de4f2254c023a55a1dff796d361d5c09552e10ec3
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
488ab5c640acab6f4b3aa79acc86490d627f23764d79827efe2f2f613ca7d92a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49565b2df78cd6ccea1d694d07c45b34f2a52ca58ef05dcf348037df4aa67503
49bccb917ca8d878e42ee7e81621f750baa24bfcba7cb5e09f1347cddbceebc9
49e632900074d344239861dc254d0684036c2509bff5bbdd7bc19e3ef700dbb3
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4
4a8aaf5427bbee7facb775b2c26f30fe226f1fab767486e6e704c6a2f5f91574
4a950d21d829133e2ff00cd7a81130bf1cf334f1f8ca72d7bba038430bbca6b6
4ad11da166d2401cb123998655ee0f641c3396d3db138ad3e9afcb74d5580d35
4b316ddfeca374280201d7d02a0cb1f73d0048f586a47717bb1508a01f4acd82
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d69716474563269d2e5c5d4a9a5d842c4baee6c78dbdcfb763204c043e69fe4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef32d67235ae73540d0191ca9fdf750b843f1a07876396d69f18c79f08664ca
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507307e24f462c9feefd78e73630eb45567d5f822df81081e1106e0e8f0bbde3
5138a31e6d0790959a6fffd61754006e06d514183b3e14f3dfb697088a31a863
515239d8289639896f52c3be97bd5fd1c8c1694745f7c2bce5014933ef0b28b8
51de5ddf2c334bdb4f9ee1e2f57c8ca638aa9d776c3314561dc9cb7e6efa3b00
523e958110ad1d783f31f4e330325a6657f088a5f548d0e3c2e4b3c07afade1f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e
52d5d4dc993de73cdd70e941b617f0c5eadf1311b80402afbc136719c71656e3
535fcbf128b88c0adb54864d8379e552454f9b2e6cfe09b7d8de6d9b220caefa
54066f2484f85c67ba08ab69f8324fceb10bd2894769c0d0203cff17e7adf537
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5515f75b51681686fd2c196fc33f4d7bd74f3e7bdb4a4d68179a003ec1a0166b
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a641114bf3f473ad4dd3e07195d3f1493134e949bc4a97c87d71150e2ea7e0
5644e5e23aae2be83e74f6a88acf978a251e05e30f439e7e30f3aeb6f33d1214
5659d03114cf5fe224d600aa403c3c2dbb3f167d841822904aa5fdf7443bd80e
570c1a09607544775e1774e1e06496b83106ad6034eaf639e8dab9dcea8a58b8
5800f6df071aa5711053e98fbe1e2b2cab668ffa3a98153ec95f3ebf3187475e
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
58d9b2488c95511f23a6f6c047bcd5c38bc391f6ecf283a734cb86bcfb306b20
58eff2a71fe175affb5df0e69004e8154e82430565ce1cc60501674947f3a570
5907a1d7c1e745029cad722cb76cabd7ad00226385a1be43322e4fb125c3f83f
5a85afb7e1570cd2c7ac5857e79f8af2ecd5a2c9dd05deba5fc1e195fb34a096
5aebb37c35fe2999e12f8f301df7cea69160f7f1bea033f1b07524f35d633f5e
5b647edf1597f3427578fc09d41be48660f2388e92022eb0693975efd38acda0
5c0f0c7acb3e2d4ea5efa998f04bfd00c0fcc138ba359039c129b9e23622f7cc
5cc4c7796261a95223db34b0e4ddbc6d4fc21bf19dd6ffb387a379b8bed04865
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d7c9844377986f9593864ed0145744b3db3e9ac02796b588861b241bd8ad4ce
5d8258bbf49433fff942104740c19eae247592198b208b47340f7baedaf8ab2b
5ee344bdcbf380697cd1acc598ea5bf7c0c2f31fe3d3bf1443fc01441bd0828c
606e3fad8326a187396888b4e2f3ed04a2dc56679a2b1f64be37f73c4f286f1a
6118f8c82c62f09eed07a93d22c85534e69889cf801942ca55da4db19561b4bf
617e319312a0ef06f4bdaa089dfec33f5ed372697f6c4c7b34742b5b70977c1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332
6343356bb1b36e7b34994fdb3293f4e426c360cd35bda51a639d551a5f569b06
63706cba9dbfa38f4472b2c93ab06c8f8699b8e9f4be4c0542482a92fc6d7711
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65974aff1bfaeae200028151004db3b7f78c62cbb1d35ae4fd4dc9a6b5ba1512
6605dc40c865d797125727aa8eb51efe2434fd192b3d7d7a5f9d9fb308d7567b
663e6c692ac6f3b276dc3215dbacffece42dcb3becb129cb8c19b8655492338a
66aff2c68283a6079a74e741d89f6d31021261276178f2eb15ae9b3041c5fd7d
67bdba8af09c1f4149f3b080551406847b0dbea8134b6fce5b643b17f71fa5e1
68923839f6c4384d7dfb93dac58535b5460ccf752423c0e6e267e22fb72f2ae6
694e4b5713fe62c60c98d0ca146dcfffc0a34f41e6a7d9da461c46634d8165b5
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69da0404a9984397a30305f0283d15720a5a414b4e8cdb9491d732be58a7b51a
69f3abc19abdcb1f85214214aa1c11d6bc3ee89f9879fde701736507fe71003a
6aa99fb81526b6b0061dab9bce97f2943a59f6eecc1f9053c6a08d1effe016a8
6ab8a4c8b5ded4098d7e91bda10c8bc03dace7d8387f5027b1f608d38a6fd233
6b286c7520e5f3c04cf1ef915c33bca3c60e7deefcb74e2d0073cebf838d1335
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6be0a2dc1fa7622b62f867ccc4b76c5b5202b8aed0b4dea6ffa0a51c5496a59b
6c0b5b592f32bff7fbc3ab4061a1eb581ef2e4d85edbd3672a2f746050bdcb58
6c95d4de193a8a26ca6892c297e1acd7f2a71c2e4d66d6b544d2dee4473e9a15
6d371ea6cca532d1e3784d54160b66bd5b057b80749bb3423a8cdfbb0cd5740a
6ff6d6889d853e00ad1c83a17795200a17f923e76daf2f9297032c3696329a74
706a4b7adfb48dcf542e2697e3ec9be788f9a09d61a71dde243b204e6d7b52b9
70c5322b2141b7efecd74cc8414159bd7c9dd9451edc6b53288b2bed0c3b4e9e
70c6821cf4208f0951f8fd46c6eb578b24331865dd48b7904285d27aa796f86b
713139b81c59188eac4579fcbcb0c63273f5d75ee54b78b679ab07c6853fcc2f
71f9ca1f6f59279fff3ea1a3c7ef146f3764132c538382a4bad57355506856b2
7238e6a8468f2741a3e82bcdf25b754c9d701748e3967bdc873d820380d84202
7337c1c3b2ad7926f08acf4ec6cd9a1f11c717d508a212b982e144acd08199a5
734e4e77659d53332cdae68d2bf9250a05c6bcd238f3f6faed68d46395e7cb48
7457d96ab6720b3f9850e9ecfbbbcf0d02091d96820ee84f4b501e2be250b3bc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75075ffee137a54742ed80b6dcc6fc357560bebbaa954c0ce8dee283657c40c6
750ccdd3a9e73adf52c38f4ac7496d5351e235ac78270210bacc5df327d5e033
76d191c56fe217b94190589a2e3798543a393e1fd5b3914051a754d3cb8a6e89
787613bf047f6dae329ea5d13bd5eea378674595e504eb53beed955f5d277279
7877b39c1b1c7a0b9706381767fb8c4f0c8ff0862cbd6dbdc2bfccbefcd9ff4e
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
78f3dfff639c0587b38d1cdbb79c5abf7fe9d1eebd5464bbee5802233526d5b7
79461871736c98437862e0117c2f5557b99def062763a8b8f20cf46e8d476c80
7ad3017a3847b1bfa685b0de6601da8f67b5770b4d2bd09ab384bcd77b03ec78
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7bc6fef827aa7f88d62e98cfd829fb47732fad974b68bfc79716d492fe1bb4c0
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7d3c73455033d3f02d4de33bfcac0fe0ba701fd53dc6a80864da1e4d32cb0bd2
7d8619ec696f207d8d6885b71f4539d2d764e2d4911b1c8917f32fa8d24d7548
7dedac502ca0c39765cbcaeaea8464cee7eed16289c4627d3ed7cc9c3df7967a
7f0d04f22e62926c1f766456ef39fbdc7b740632707f2626935354219020483e
7f0db191f9ef8ac457dd65424a5c20f00003038d601dcbad8cb20910a60989cb
7f93bfd80befb26ebebde99de5ce9beada5c9a1a7e9803b3838659f747cb9d7e
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82d64008e85dd749e6a531aad117194713e13e9dbbb5d34b76c235c0a46ca120
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c341143c93c9a3c1fc4f7899453ddd139da0dfddc4205b09eca9c79e88b49b
83f0b02e14930055be31425bf3c84282c8c5f46e5272ca394d73ff12cc323d55
840b361fe830a6602d822a062bdead4c813050133cdeecf6b9ea59a118e2173e
843bce14591e41e76ebbdbd115acbb85f32c650ac1180afb8a4055a4b1ed6bca
844926c692ed338e018fc7d23d4d8587276bed3126855fc2ab66a0671748d478
8494379094c52517ed450ed12d975148eb9fe7654b5f3d1e678c1352a9fede46
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
867b45f6bfe5bdb5e57199a4bddb9115a3e5e122c21541e36334292ee26b93bb
86ee818268da2be22b612e7c41737c38babd2a998578b49cf510ffeab7e1ba24
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b07497cb04105c8e81ba5e6d8bc8096cf5866021885cb7261f210ed5ac5acbb
8bf71fa7894fee5dbf8ac3f5e2dd2f594d75345bdc6a65b587227adf4257bbfa
8d5f4998823d359eac8d82d92eae65868c296d5856424c9da3635e2fed18d93b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfa7dd2ce1aa677ef4bc94e69c129a7f02af80c4d18939bf28578c90b55f85b
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8eb37ab4c76e2ef45bcd93ff6196ea88d52693c29aed3130eaa49596ebb8b82c
8f387217a1132abf6b1af8d7623de52195e81097b23ee7f39d80bcd954114e20
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
905d954e0e654301c762d06d5b1612c9404b05780adbfe82942e0f5c3352697a
91184b497b139df261c2b40f01b4b221819e3b6554389574eb14b5458f978b9a
9229ce97168b9fad80cccb0bb2fe7b0b301fcf902b50b78924af7e1f22f584b1
92ccccc842ffeb2141d5014d730eb4b36b698aa695c50deb0b785bec4abe67c8
93f3960a10905e86fd95049eade424812fa0d5d61e4cb4e34be7564bd526a9ff
940056dda903a0766f22d438073e7670db5f3e59eaadf6d21a1743fdcb67aa1e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
942dfb95fc252b80582ef8de17048931e3020b85643fc7ad1bbe2122190a1847
9470137342ec088b7c020fe717274cc62469b3da3043ee7811f97fb63b474b86
9806ee098a508eb633003658872bf9e0bcfe19b9ad7cae49773be48506321116
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb8885ba2099f12232c2fab485e17e50152b918a9afc080d81165b94cd8f9f6
9bde47abff1fd70885dbd37f0eece86adf8f9041b788f713d38625e210d2ca81
9c6ec2f1bdbcf0d63d701db71e14cb927aaa2fcbfb3b1ce13774deea1202766b
9d11fb772b951e4aeaae8bc1941961271b8a9d42c99cbca9095868e88adc1587
9d39cf2be5da67babea72be0a4d9c469654951692c49f888bbfd5925b532e99e
9d5fdf3ed65b1346b65b6cbd1a81b4632b41241e4f66db7da3b60d246fda643b
9d9b01b84e51aee09464fe69dce90e1196ea7d7310a60775defd32f02915e0c1
9f1d2fd41767f4811567a0c14cd8e1a2355f0e785a71449daa7e0c14f0859b5b
9f5ce49c76969ff740f4eb1473ca6b5ccfac1625378b1f30f91bfaa3e3f9f184
9f923ca973cb3f9addb474fb553de433a473ddb7f9e2711b1103913ec73b1e3b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00f46abc041c92fdaaf83bf733f3118ab7e54cd82f37ec6b5f143817fd825c8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11b5062673e0f612ca0e8585fccfc5d2c4096d4b4e7a254dbc9d8da46cb0f5b
a303303ac22041692e19fa76deb913d675842b5c34e8bbf9cba7638371577ad8
a40338ee30fe99c59de83fadee8e643dcf3fceea2971b9ecfbf3488c697661d1
a486904a4d1261fc70e81aa2b70c7c4a709dc2564c5c52ccde4acb9a30950bbd
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5958b5f9c8734b3867127596525521cd590d2f7d0a703736e3b6ec264f91a36
a5da1fb9d6252d0004974b9b40cee8550f7d6a0ec72874394b9a0f1f9d8e7c0f
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6c1dade776049d2d2533be54399086ce426c40c12c6543b8a05d46539ec6971
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
ab9092b00548c9ce87b6bf20077e40885d9ec806064de0fdbde38827a0c06272
acb323c21a2817ecc1ba9955fdc377abdc2eed82b97d895c6f7fc95e6cf314b9
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ace4c9dfbb8d97bc5ae16d49b6e4b05e6cac468fe50700c0779dc1f2a7b8c8a9
ad633859332408721118806bf8fca9a4693c57ba6c601fb56a8717312cb7924f
ad804a510807296e06e4aa76727cbe48078e2d56a1026663283a4c6452a03e79
ade40a83600597db638cce7fce725dc2857f4b0c0254d5870710b1dc89f72ccc
aece5718957df383a0a6f0ac0c11089a2d9cda6c123adf4e9939d4f3c15c50ec
af4b89e59d792f7f7fc336724d6fe2b5f1da9020c7bbdfe21bc98059c3cd7e7e
affc3f6ca459d9a9003e26e09171d8e68bd4ffd06e4716bcf92ac078df797832
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0b921327ea30430a800795490050fc75aee2e7eb5348429605652c09022ac9b
b0dd1aebe8c8794e2721a1f385f19fa800681bd637203c88406ff11eb3266cf6
b0f1916fccdeac5d9aec2983012e1835d355cab1a3f8bef587956445e7545e92
b12bddb38e66b9297aa5390bcb82ec4f19a9b09379cd33a5fb50e0e4a46e0df2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b162119d1e7ce6dba72ac3c66c4d869c8278fbc2346659603fc31a1fa5ac0faa
b167b62dbb74ddbda9c011bbcf4d009ad09731d8aa2f667b044c5f98259273cd
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
b27cc1a56e5ed1911bed60cfbbb65bd13ba595e11bd3482b1eaaecb5c376173f
b296a920c65d2d6c4852facc16e2e4655da1ad2c9dd0cb089f188c2d77856fa6
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b40e96be5732b2aca523c69c6c5fc0f81d9aa6b1bfa64e3005ff81de8264ec3c
b5eb6898764ee3f77bdb4ca410b9b8d0e4a01b031539874c066d542c99288c7d
b5f202cae5fed5a94f7c15ced7477f68996064f5d54b601c362929004bfebad7
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b66212744b8ee3141c7499e7e0dbcdcaaffef31e328c65b04ca7cd2d5cab5cc5
b6ae3cd6e2ae6ef8c2218a2ed8d1f2d45e4bcb23f507931a0b95088f4dbcdba6
b7063e5c0ea56abf52c2964d30d3ba321220085106fae67046d59dc668687e51
b72508847c399c435fa24a3e9c47e5ce12efbb2f0394c2ff9de04c9cad076d8e
b80c16d331011d6e839ab8fa44dfe40aef93b681249f2ca839f71b12e27b339b
b82fe38a0832c50eafa72841983e2dfc9cbd8a10e5365d57a2df5c4563575220
ba24eda30cf8adc762f0c2027b5e616f52d83f231c5ddd28f7b6f733d1438fc9
ba4177e19de13c8f8989ae5ae74adbebace694d270768f7f11be47bb8fb4ed0f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb25f0912c8bdd1798908235d08153422ee919610c60dae3cb647744753fc6c5
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bd3ae87ff463d6fcd9f72f363cf6e2c24ed2221b334063ebe27d2797789044b4
bdc2bf0a11127512ec2b88b9695812996b3c5c8bd403cddb6769ba2e075fe148
be1a35c232b28d4da892f00246f8dfb79e68cb0a6e9854aa4c37ff47e0275ca5
be667717ad2c732ceb420c99a83e8f77e45343df792f279399980b3f61526800
beceb127885b0730fec9224dd7931b1e760c4b0d6eea26303e7a7aeab1eb4bf2
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4
c0163fe0755b485e9e42e298383aae0cbe5ea583b6bc5e3fc199a5f1e6df0ba9
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c11197d87b991a70971e8f968cf79c980d7702f8c7144ce7cf6ebeaa4e91b45f
c1926aa8e4dc5cad53a3486c630f481402d518c0c18777dc2c14c751ed737ad7
c207b48141ff6558ee20a3417a9f991259e9f0d7face1da2d05123a438da8355
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3fcb4e5141ce0fc521ecadd4925cd1f352e11ebfc02cfb3d91e3e457b07de7a
c46261799db2b9293be2af0302b45e51ab5d1e383d0e7b4994432c8fe0ff3d26
c4714515e58086f8a3a8b4c386f3de2f5bf584accd3a88d83aea04bb74f6f448
c484e18154a0c7ac9bed3ffe5a978822071865eb736a665497288f4da213eb48
c589972e3328851d52a85bf9ba8e20f86a29ea954487806831cc81a448617e4a
c615352012b8d07e579ea8002a2693033e048579b6c448c7de34dac764b1cf8c
c739108356622acea00e530bab386dea13a629eebe9a6b38353eb780c3fcba0f
c74a0feb863cdeb8cd6fca49043977f383a5f39ade96533c6acbf29391688362
ca88e9d1b4cb8c46a92b175d573fe9ec1c1597c89b72fa52dbab3622299614a3
cb3a0dcc2773bacae4e8a8ccae0b4e7dd99216d22a5f3f71e8296ec4e1a8dfc7
cc390bc6eb4c9badf29cbf5c495f6bcc941769e1befd9d8799c143e112079ad4
cd0668bfd027a6826ee67640294c029bb180df62c4adc49e1f62df3484aa06cd
cd4117d6f229fdd8d6d73a24f7fc471ee1bd7b711ec554f83fbfc767ea87a2c5
cd499bede79f0a3e8eda7024e1345385ea24e72ec31bdc17ad32be9dc53f06cc
cd969f80b7a244e0523f51a2766336c863b48315898918b6a9ec041cd7b19da3
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6
cea3cddfaa3d16d796a49f25265686e15cf192d65d5a7df799d096532fda81cc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfebc705eb5bb42ed64dae5416a2b47001214d6c92747d9d9b9f0dd31cf242f9
cff1393ef93cb2081bbbd0f000f84466e6af9fb698baef17bc488127fe23f261
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1258c29950bccc71abcc8fbe69c3cb778557f8fd198cad5b9c1e2a7c86128ec
d1bbe972ea003d46e9d169f03a8843ae0b49dca32a58f4c25c2926063ca80dc5
d2e6e0f7a995e1017b831c8c9c895ca022cbef536524d5a246569fffd4ef92b5
d2ecaa31f8fc9562c1fc9d3a9753f98c2882f83238ad7b3b5ce67df7f8cd3238
d31db79234197a5e925728ea0eb459bcab5a366de35cff33e9a0390cbb85b21a
d3332bf9e5c369e8848c94f7be3717d9270960126507a49523828fd630c0a9fb
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d408257fe4d4de006e63fd03d7c0af3a8ebf602fe2dfdd117bd7d7222f184e9f
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d6a772fe86729d7d99b1692833b687b97a06a887cbbee6156f51a9a869b2e54a
d72153c1d22dc688b96ff4338ba86be586c7845fa9dde464d966675b31dcd3ef
d7479c260d268af94f19590c0bc5d03fa2e1ec895246b91fc1e00f24c8cf947d
d786aabd8b0de915068e50a6b071a6d0416b6e9b688f96d21be4bf4771963e1c
d7cada34f759c4c23e047254ee7e7e0db869eb71bc32176ec4b4f5c0ed515129
d822e59e52d941a8db4987f327a4f8cc4b7f29555faa8de3b4eba1c4ef3b81a9
d841d1f3aed4e0a519eefbef28fa8c228943a3ed2297c2d8f32b7ef721751b10
d9221a5cc14f7a6063f199c437507b47974c3f137437cc7e195dd44f587972e6
d96872bea1ba83b6822b8937fd9409af3e0d8d9dba0e706d26763d24357d6ce7
d9c171e3969d8f9635d10f584b741114ab5cc7071ae4a7724927bf346fe4c75f
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db1be52c14acc9efb33cea520c1a216494beed3a9b558e85f05f4833022476fa
db6a2ab5542cf978710df3dc111ddb94a54a0b309004e4fe0b7f9c1b7dd5f204
dbaa6ea4be4bb91d6e7be0c5a2205a00f2c2f0ccca6012dab2804cdb66344242
dcdc185bb7b777198d396d8f2227dac57b6af4d911bf0cf673d891d194fefdd6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb3613f6cd0c0a1dcf1422a2eb6a8c286f74178516852aa88c9e92657812d21
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4820d131255c59a3e43b25b0234546ba27dbb80a4b8d32d2404ebf57c3fd45
dfd9f2e75d343c7cb81f92ac7c2c738dacdc322120a5af72f239aeac7b0d7c35
e1304f7fcd264fbff56eed0d0ed754e4cd6f89ad4d2a86b2a78063a3317a4bca
e1f049870ba4949effeb6cb641be2ba083ab524fe2a5b4cee4a8a69847bb7f7f
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2499bef2e6a40d3daa7583bff5c2aba8bd9605caa06546db04cf0b527301a0b
e2ea352c319c6674e03607960c413f306ffe204a51f4058b39b37f22993c45db
e3577c9bf49589af8e9496a56c1be804c9a8af966f520b0cbe5cc35115795817
e3621ec91eeb2adde35d206fc6bd50df94cb867b3b8ae73d397d37f5a03320ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
e6869792e682b220e7da5b4ccf10c281d63b04ced7c8fa2385c22b31148659c9
e75443e7fff88c133248da0ca08c660f171b0cd84484fe904ac330eb7d04fb77
e922a199c0736d84f1cb215cb5950484e8cf7c04011a35ccf28fd755aa5e7133
e977ade701902c8ac51b551168f9aed7dcbb608aaf1daf2ace9230c0b91d7f14
e9de394125c32934c6249f88ef4cd540e6268ff3b904afc03b9ed53a4fd8640c
ecd5f899e65c31a94479328d9caf0942d06e2fb67302344253fd7bcdeeadf9c9
ee35e3522ba4d0f0972024c9d624ac5a109803674f04c5ccb86df935174ff127
eea3fefaaaa81697bfe96a579348d81629cb6c8c8c600862aeb052794b1a9b4a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34775b6f7a6cea3ac3dd0e3865415286c47e7e9151b6109ba6cd140d17afd5
f082eec0e7a7556e724b3b7457ead574a374ca2d5544bdb51ffd90453924a380
f0bcc9e3916312eae7f1dbe3cfdb07c1a80d66c8a7be858f329ba35ff73c9a07
f31c679925f08d9e81a27d620c453835545d658a993ebc88c6992424e9b87cef
f3ea127b9fb84b0b96199d67b98eb058e8921d23d3c71b94771071b7b9273245
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
f5aa89cde14900c60fc7cd0b083bd197c7fdcc6c0e689ab3ab804067f757fd37
f5d1b2751cd1575f460daa73b56ef210366c9e3450259cc39669ec92e965ffaf
f68b82444e688c205ca9f6b1f56a1e7123bb18f313ba513e8180836f35b20573
f9421ff9a9cf2970cf960274c7cfb973645c6b1644e9912bb3f7e3c0289ad206
f9d1178e10a9f1ce85288d9666f171d1536ef45cc1ec42dd46f4fe59018e74b2
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
fcbb52e0aad8008b39259e570a64c44d45ded7a010914c6aaf466ccb29789191
fd25b828640cf54edac3fc11dcadd5dcb8ac12145a356f3c9e9644678d01a59e
fe67a308066ebee3455f437382c739ecf843c94e34ec60289a43ecdfa66568c7
fef050005dac266a279c42deff77ffd3da4ea5f949c86f1085f1ff5a59dbbb90