go284.a7bbab.com Open in urlscan Pro
104.26.9.207 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%...
Submission Tags: falconsandbox
Submission: On March 02 via api (March 2nd 2023, 3:16:09 pm UTC) from US — Scanned from DE

Summary HTTP 360 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 69 IPs in 10 countries across 48 domains to perform 360 HTTP transactions. The main IP is 104.26.9.207, located in United States and belongs to CLOUDFLARENET, US. The main domain is go284.a7bbab.com.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2023. Valid for: 3 months.

This is the only time go284.a7bbab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	104.26.9.207 104.26.9.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
63	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f70... 2a02:26f0:f700:4::212:4f10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
10	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
5	184.73.109.176 184.73.109.176	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	35.174.127.249 35.174.127.249	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.78.47 13.225.78.47	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:e00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
43	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	108.128.57.95 108.128.57.95	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
6	3.212.83.154 3.212.83.154	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	209.191.163.208 209.191.163.208	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	23.203.124.192 23.203.124.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:6ea0:f40... 2a02:6ea0:f400::4	60068 (CDN77 ^_^) (CDN77 ^_^)
4	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 1	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
1 1	35.169.19.18 35.169.19.18	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2.16.107.130 2.16.107.130	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
9 11	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
5 7	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.203.125.36 23.203.125.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	52.57.130.211 52.57.130.211	16509 (AMAZON-02) (AMAZON-02)
1	3.123.121.27 3.123.121.27	16509 (AMAZON-02) (AMAZON-02)
2	54.195.241.242 54.195.241.242	16509 (AMAZON-02) (AMAZON-02)
2	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
36	2a00:1450:400... 2a00:1450:400d:806::2006	15169 (GOOGLE) (GOOGLE)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
6	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
3	141.101.90.96 141.101.90.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
5 6	3.76.151.8 3.76.151.8	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:64d1:cba1:647b:b2f6	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	3.229.1.150 3.229.1.150	14618 (AMAZON-AES) (AMAZON-AES)
360	69

45 104.26.9.207 (United States)

ASN13335 (CLOUDFLARENET, US)

go284.a7bbab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:4::212:4f10 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

tg1.matched.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.73.109.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-109-176.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.127.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-127-249.compute-1.amazonaws.com

serv.matched.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:e00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.57.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-57-95.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.212.83.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-83-154.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.145.246 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:f400::4 (Zagreb, Croatia)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.19.18 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-19-18.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.130 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-130.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.39.66 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.12 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.130.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-130-211.eu-central-1.compute.amazonaws.com

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a-prebid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.121.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-121-27.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.241.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-241-242.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:400d:806::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.101.90.96 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.76.151.8 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-151-8.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:64d1:cba1:647b:b2f6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.1.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-1-150.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140	754 KB
52	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 ad.doubleclick.net — Cisco Umbrella Rank: 171 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319 static.doubleclick.net — Cisco Umbrella Rank: 262	476 KB
45	a7bbab.com go284.a7bbab.com	718 KB
36	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	2 MB
19	aniview.com track1.aniview.com — Cisco Umbrella Rank: 1892 player.aniview.com — Cisco Umbrella Rank: 1963 play.aniview.com — Cisco Umbrella Rank: 16411 sync.aniview.com — Cisco Umbrella Rank: 2346	267 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	164 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	239 KB
9	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4370 adservice.google.com — Cisco Umbrella Rank: 73 mts0.google.com — Cisco Umbrella Rank: 4217 www.google.com — Cisco Umbrella Rank: 2	42 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	6 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	388 KB
7	bidswitch.net 5 redirects grid.bidswitch.net — Cisco Umbrella Rank: 874 x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
7	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	7 KB
6	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 834 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	1 KB
6	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 1885 d.vidoomy.com — Cisco Umbrella Rank: 10532 vpaid.vidoomy.com — Cisco Umbrella Rank: 2912 a-prebid.vidoomy.com — Cisco Umbrella Rank: 13603 a.vidoomy.com — Cisco Umbrella Rank: 2665	21 KB
6	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2450 us-u.openx.net — Cisco Umbrella Rank: 422 google-bidout-d.openx.net — Cisco Umbrella Rank: 2399 rtb.openx.net — Cisco Umbrella Rank: 1367	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	4 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 712	1 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 844 eus.rubiconproject.com — Cisco Umbrella Rank: 533 token.rubiconproject.com — Cisco Umbrella Rank: 541	11 KB
3	o2online.de portal.o2online.de — Cisco Umbrella Rank: 56945	2 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 457 image6.pubmatic.com — Cisco Umbrella Rank: 725	6 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719	7 KB
3	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 13818 track1.avplayer.com — Cisco Umbrella Rank: 15984	218 KB
2	adform.net cm.adform.net — Cisco Umbrella Rank: 1244	211 B
2	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 645	195 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1218	344 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 624	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3797	424 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 912 id5-sync.com — Cisco Umbrella Rank: 404	17 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	88 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	939 B
2	matched.se tg1.matched.se serv.matched.se	12 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 596	191 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 555	663 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1489	341 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 879	314 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 589
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 972	757 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2643	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2734	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3461	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 105
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	601 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2425	54 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	6 KB
360	48

	Domain	Requested by
48	pagead2.googlesyndication.com	go284.a7bbab.com pagead2.googlesyndication.com e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
45	go284.a7bbab.com	go284.a7bbab.com static.cloudflareinsights.com
43	tpc.googlesyndication.com	e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com go284.a7bbab.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
36	s0.2mdn.net	e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com go284.a7bbab.com s0.2mdn.net
16	securepubads.g.doubleclick.net	go284.a7bbab.com securepubads.g.doubleclick.net e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com go284.a7bbab.com player.aniview.com
11	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	www.gstatic.com	e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com go284.a7bbab.com
11	www.googletagmanager.com	go284.a7bbab.com www.googletagmanager.com
9	e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	www.googletagservices.com	e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com go284.a7bbab.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
6	x.bidswitch.net	5 redirects
6	googleads4.g.doubleclick.net	go284.a7bbab.com
6	sync.aniview.com	player.aniview.com vid.vidoomy.com
6	player.aniview.com	player.avplayer.com player.aniview.com
5	track1.aniview.com	go284.a7bbab.com player.aniview.com
5	fonts.googleapis.com	go284.a7bbab.com e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
4	onetag-sys.com	player.aniview.com
3	portal.o2online.de	go284.a7bbab.com s0.2mdn.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ups.analytics.yahoo.com	2 redirects player.aniview.com
3	fonts.gstatic.com	fonts.googleapis.com
3	region1.analytics.google.com	www.googletagmanager.com
2	a-prebid.vidoomy.com
2	cm.adform.net
2	ad.doubleclick.net	1 redirects e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
2	c2shb.pubgw.yahoo.com	player.aniview.com
2	ads.yieldmo.com	player.aniview.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ads.stickyadstv.com	1 redirects player.aniview.com
2	ads.pubmatic.com	player.aniview.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects go284.a7bbab.com
2	mts0.google.com	e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
2	play.aniview.com	go284.a7bbab.com
2	connect.facebook.net	go284.a7bbab.com connect.facebook.net
2	player.avplayer.com	tg1.matched.se go284.a7bbab.com
1	track1.avplayer.com	player.avplayer.com
1	rtb.openx.net
1	a.vidoomy.com
1	pixel-sync.sitescout.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	vpaid.vidoomy.com	vid.vidoomy.com
1	static.doubleclick.net	e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	grid.bidswitch.net	player.aniview.com
1	d.vidoomy.com	player.aniview.com
1	image6.pubmatic.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	ssp.disqus.com	1 redirects
1	csync.loopme.me	1 redirects
1	vid.vidoomy.com	player.aniview.com
1	ap.lijit.com	player.aniview.com
1	secure-assets.rubiconproject.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	mug.criteo.com	go284.a7bbab.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	www.facebook.com	connect.facebook.net
1	serv.matched.se	player.aniview.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	go284.a7bbab.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	go284.a7bbab.com
1	static.cloudflareinsights.com	go284.a7bbab.com
1	tg1.matched.se	go284.a7bbab.com
360	82

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
a7bbab.com

Subject Issuer	Validity	Valid
*.a7bbab.com GTS CA 1P5	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
wl1.aniview.com R3	`2023-02-23` - `2023-05-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.aniview.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-04`	10 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-09`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adservrs.com Amazon RSA 2048 M02	`2023-02-28` - `2024-03-28`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-01-21` - `2023-04-21`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M02	`2023-02-09` - `2023-05-24`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 50 frames:

Primary Page: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Frame ID: 0E4172C4B3AF7316F01481ABD6E88C6C
Requests: 121 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Frame ID: A90F4417027C726A84CA76AA03335CB8
Requests: 1 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F9E51050064DC838560011A6D523399E
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Frame ID: CDCB1E31776871C295B3A1FFCE2EB9BC
Requests: 7 HTTP requests in this frame

Frame: https://go284.a7bbab.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1677758400
Frame ID: 38EE58794CE015F095FF84570D384EB8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5603248120981298&output=html&adk=1812271804&adf=3025194257&lmt=1677770162&plat=1%3A16777280%2C2%3A64%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677770161822&bpp=3&bdt=267&idt=407&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2230235233006&frm=20&pv=2&ga_vid=1969437710.1677770162&ga_sid=1677770162&ga_hid=170485274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C42531706%2C31071869%2C31072387%2C21065724&oid=2&pvsid=3514755029690599&tmod=1593620439&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=453
Frame ID: 15B16A35DC3196867C6425779410DB98
Requests: 1 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 894A63C9BF3BA07EDD4BBE85A0B3A456
Requests: 16 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA3807B99FB0EFDC9F1AF7AC6A05221D
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=go284.a7bbab.com
Frame ID: 776847E21043C0B12E7B04EEC5F3499F
Requests: 2 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7CACB7213E3F7AF2652580F1FAF9CDF
Requests: 18 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 721BBB3208676896EA30E1735A9EA0C8
Requests: 18 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C447D8E77EBA721C02FF4D36726137FA
Requests: 1 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39693747E4442640EFE6F71DB36DC4AE
Requests: 5 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9A5A55AB0E72391000EA11453E2010D7
Requests: 14 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=57&pid=59c9148628a0612da3689288&key=29cac34d-f275-4853-8353-05cc39d99661
Frame ID: CB56008B726154CA20F72F60B54EA403
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 050C9183CF073A69E3C5675DA8E63417
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D18%26key%3D%24UID
Frame ID: FCF0159390881E5DCF71486A8D00CACA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D1%26key%3D
Frame ID: 6CBE5E5F5CA726108EFFF7840213EF3B
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=133&pid=59c9148628a0612da3689288&key=a6f37f0123013099a595be2217fc435a
Frame ID: 8552C6EF35A3F203CA01147C79108E70
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 7A695135D7219BE27AAD2C5962E9B4D7
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=56&pid=59c9148628a0612da3689288&key=0d8fb9a4-5bf4-4328-b09d-6405bf64d63e&gdpr_consent=null&gdpr=1
Frame ID: 0CA542A0158A511B3AFBC77B4A621F3C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=52&key=ua-bd80717b-df6f-3255-bb19-50e796cb5837
Frame ID: F8DDEF772F9FE7EB03B2B34896925F13
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=cb4fe078891bf26e5cfe8f0575cc94e&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 2A1ACB0C22470F21B4DBD4CC43C59F20
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 07482E30D3A73AE853CE9BD37EAB5D12
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 74DFAA0214EF5DC5B69DD5396B27DCAE
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=10&pid=59c9148628a0612da3689288&key=RpO7TzNJYnCL&ev=1&us_privacy=1---&pid=562704
Frame ID: FF55B2A37E5405EC5E21B4D3045CD2FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNVXeAlpc3ik5k_wyvyiHAxxbaqB_MZazsPM8YjK8lIspmNnynA_xAJhEDvT2lcX1LrH4yWDHUb3i8bn8Hf6SY7nXtr7BRgXXZOHcUicBZfyBED_UYYJVmpbJlo7QTIAymdPvDs-ZdQVny3pWSFU0NVm4gf2BQkMUSxXBDBDICpBOpisoP0
Frame ID: 83792E3ABC169B7552701C6E6ACA4FFF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNW_PEeOxfJrqi1mPNRQeEtdtyx9tJH412RceoUToxOywRogX7eVZqdpnGU2H3lAHbyHICWTM--8TLNGNjg7xNZn5GOc2do6OYQzgpCbcHEnOQClMlk-66Dsh-UhGAiNxPLYo3Vk2YKzmfdArXTL_OHtGLnXzHRV5s8oVgfk8hNuHFfNV0U
Frame ID: 9DE4C3E14E7E90A87EA09E08AC3458FD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARisge3eATAB&v=APEucNXgkDeVIiLzs9fsLxwEWt0YvpsFHuaMm3ufZCzw-NrAt1WnF2chZ2HNN3GZTVNJBeb-sR6w4v8YVI3sJyGaOTmg4A2RWB7N19vkXDAepmiPQLq-788HuQfZwa5CFi_nbe4hpxyH05RA1nEoFA80gS1On6-B0PHBASXoUoWn7mqIdMFtQd4
Frame ID: D3AD36AD53B19B61064533E101FB5896
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: ABA4B598F98E194BF4675CE4B4805644
Requests: 16 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019
Frame ID: 1E87C48815159DA9202AF0A34101491D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F43575883A11C76DF312542CC2ADA070
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Frame ID: 64F394EE818502276C714EE44D724F39
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4B7475786A122E92938AE8D67C162935
Requests: 1 HTTP requests in this frame

Frame: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E83A9C01959BC97425373BCA1FB1DD4
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Frame ID: 6D51F18EA773BA545221B5681E5220FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C31601597A1498433DDE1FEAFFBACF0C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
Frame ID: 9B8B445CE470BFA4311BAE004193EF1A
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
Frame ID: 93DA4A94BFFFE80C757456EB816CE1FB
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
Frame ID: DE865ACE5BB3CB4AD67D369094B49D1B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 792969B3BD50038B5F308A81E3372FE2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 23028126291537B3B95453014425A300
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 089D62F44C9ABD6EC6304A5A764361BA
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1677770163514
Frame ID: 02814C1066B07F9104D51C5EC2BF0A9C
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 74DB421BCEE471B27A6AD346265113FC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Frame ID: 1A8661C31873F5B5B18DA4C3A8E5D7A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Frame ID: 1E726E90E2D48FBD54853C6C1723ABB1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2F45A5B9AEAD418459008A08EC8DCF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24CE1581446A8CE24876B89E37740704
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js
Frame ID: 268C43B19914C6A963F7B4286ADBEB24
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

قم باختيار احد الاشكال ونحن سنخبرك بطبيعة شخصيتك

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

360
Requests

95 %
HTTPS

42 %
IPv6

48
Domains

82
Subdomains

69
IPs

10
Countries

5495 kB
Transfer

12887 kB
Size

46
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/A7bab-388531175136643/

Search URL Search Domain Scan URL

URL: https://twitter.com//

Search URL Search Domain Scan URL

URL: https://a7bbab.com/
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://go284.a7bbab.com/15198/2021/%d9%82%d9%85-%d8%a8%d8%a7%d8%ae%d8%aa%d9%8a%d8%a7%d8%b1-%d8%a7%d8%ad%d8%af-%d8%a7%d9%84%d8%a7%d8%b4%d9%83%d8%a7%d9%84-%d9%88%d9%86%d8%ad%d9%86-%d8%b3%d9%86%d8%ae%d8%a8%d8%b1%d9%83-%d8%a8%d8%b7%d8%a8/&text=%D8%A3%D9%86%D8%A7+%%personality%%,+%D9%88+%D8%A3%D9%86%D8%AA+%D8%9F&hashtags=%D8%A7%D8%AE%D8%AA%D8%A8%D8%A7%D8%B1%D8%A7%D8%AA_%D8%A7%D9%83%D8%B3%D8%AA%D8%B1%D8%A7&via=xtraaacom
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://oajs.openx.net/esp?url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&rid=esp&cc=1

Request Chain 140

https://gum.criteo.com/sid/json?origin=publishertagids&domain=a7bbab.com&sn=ChromeSyncframe&so=0&topUrl=go284.a7bbab.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zdp36nxRb1lZaHBxSDVnZitvejVNbkFWS090NkEyMEJ0S0VkcndiTEx5VXFheTVjTzVxeHh4bEYyemRwS09LOVVGNzY2YVFDS3NZL1hzWm11SVB5MFBqS04zM3pHNkJZQ3Y4YnRUaDlxWDg4ZDAxTXozSTlxK01FZU94NzFIdU1QZHpDbmxrZThBK3hCampnM0grRWxtUUEwTHdkeDR0UlRBTE5vZG44dyt0akNkdjNtQmswbEsrb0JpMXFoa21PQXR2d09lVEVqeUtUYTNucXVZL0hveFh4em52UFFqbVd1NkZ5dzlsWU5HVUJoWCtuMDhaSHRDTHhSVFNDU2N5UjJManJCQXh3UFJNOHREakZZZHJ2b0lZekFydz09fA&cppv=2

Request Chain 141

https://cs.admanmedia.com/fa9f4b3548d146d8b0584acce84c4fec.gif?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1677770162771-994587376777-001192-004-009061&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D57%26pid%3D59c9148628a0612da3689288%26key%3D%7B%24UID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=57&pid=59c9148628a0612da3689288&key=29cac34d-f275-4853-8353-05cc39d99661

Request Chain 142

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 147

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=56&pid=59c9148628a0612da3689288&key=0d8fb9a4-5bf4-4328-b09d-6405bf64d63e&gdpr_consent=null&gdpr=1

Request Chain 148

https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D52%26key%3DBUYERUID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=52&key=ua-bd80717b-df6f-3255-bb19-50e796cb5837

Request Chain 149

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=cb4fe078891bf26e5cfe8f0575cc94e&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 152

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=10&pid=59c9148628a0612da3689288&key=RpO7TzNJYnCL&ev=1&us_privacy=1---&pid=562704

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

Request Chain 203

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAC9s68NJNXeEjFsaQooEgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1

Request Chain 205

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPUBwIdujsDmYuyNUn_Slj0&google_cver=1

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEo3g3AdIDvkTAOKZacyjhg&google_cver=1

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAC9s68NJNXeEjFsaQooEgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D

Request Chain 233

https://ad.doubleclick.net/ddm/trackimp/N1879091.4717738DV360-PR/B29108248.360383210;dc_trk_aid=551400027;dc_trk_cid=184439416;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1879091.4717738DV360-PR/B29108248.360383210;dc_pre=CLbq6_TEvf0CFXDwEQgdPAYEug;dc_trk_aid=551400027;dc_trk_cid=184439416;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 260

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 268

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 333

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=92ba9209-466e-43b0-ad41-e3bfa04f3cbd&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-77i6MP9E2plXx3nijnOa5hsOytiha12KgeRDsg--~A&expires=5&ssp=themediagrid

Request Chain 334

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6336467961363789326

Request Chain 336

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-VJiJKHVE2uEOn859L6tVNFH8ONM7DuGa_k3sR4M-~A&gdpr=0

Request Chain 337

https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=92ba9209-466e-43b0-ad41-e3bfa04f3cbd&google_hm=OTJiYTkyMDktNDY2ZS00M2IwLWFkNDEtZTNiZmEwNGYzY2Jk HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJXGg60q4Y8WpDm9I5uwxdQ&google_cver=1&ssp=vidoomy&bsw_param=92ba9209-466e-43b0-ad41-e3bfa04f3cbd HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=92ba9209-466e-43b0-ad41-e3bfa04f3cbd

360 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D... 136 KB
19 KB 565ms
502ms Document
text/html 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec209c15cc2057e721a41857e99f656625bf5bc7b4304347d6849ebb06301dad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 7a1a99329a33362c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 15:16:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://go284.a7bbab.com/wp-json/>; rel="https://api.w.org/", <https://go284.a7bbab.com/wp-json/wp/v2/posts/15198>; rel="alternate"; type="application/json", <https://go284.a7bbab.com/?p=15198>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSbxmhrGqgclDeYAxZP4NFJr7RYf0oIqpRsXOSG5qZ43j9XVgwPTN5uAR01%2FZN6cdvek33CR8uEvUeLC8RFct8I7eYRavXzyvdiVvimWsh8vnkAhId%2FKiSDQJiFdi1lcQ5o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-pingback: https://go284.a7bbab.com/xmlrpc.php
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 66ms
28ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QDVJ1GCKH3

Requested by

Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0bd06ae011d164b3194e649cd244b77dd131564ad65acab42d4dd318a1e9fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H2 200 style-rtl.min.css
go284.a7bbab.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 29ms
22ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05d33bce3fc1753bcb9f94f51a7536cb621411492720236a663a7d28e2731359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 21 Nov 2022 06:39:00 GMT
server: cloudflare
etag: W/"637b1d04-17226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZ1KYSmWOR1EdrwBJC7c6dBeLr8GGcAABeDtLGK1CIaNdV05YuCYu6HnLbRFcTAajcgD8NoL6lJ0DEzuedyCpla6ppFOtmNrq2env%2BBirtRXJc0ETRpBm7JJRgMIfeN%2FgaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935cf77362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 classic-themes.min.css
go284.a7bbab.com/wp-includes/css/ 217 B
468 B 33ms
25ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 08 Nov 2022 14:24:27 GMT
server: cloudflare
etag: W/"636a669b-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlBV6C1GRa6x%2Fz8wBpY7uVP2MmNZivPLmbhj0YRnmKbCYQ4gl9nJLJXXk5Zbu9B9%2FGCA4I5x%2F7No3xuiwofUIjYIsQj%2Bc0iXUVnVUBeZ5aZ2ayiKiYOdmuyk1KjBIpL%2B8cA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935cf78362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 be.css
go284.a7bbab.com/wp-content/themes/betheme/css/ 365 KB
62 KB 36ms
29ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/css/be.css?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baeaf196a0998e9a4240f1b3d2f3194c333c6ea59bfdbff3e0345b20c7475cc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=406167
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-63297"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kHQcIPOLlAbX0hFCkyBzciLgn%2BmKGNMZzVpPF8kSoqrqrpywF%2FF7dBOU8R9Kcb5u%2FlXTZhJBoMtFjkTId5fnD9OIjcscjxF1MNKJ%2BEuYYFmR27g7xFc7G8ly4ewdsEK6Gs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935cf7a362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 animations.min.css
go284.a7bbab.com/wp-content/themes/betheme/assets/animations/ 58 KB
6 KB 41ms
35ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-e83d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8J8NfPUEDRno%2BFsWVAeob90MzDKYOj7heJXzZCkNGuU9tSXJxoUbzYtvUszNBJg8K%2ByQqtQfLvfByfsqs6qGUSOw3Y2rT%2FLZIs8T7NMJIFHvjrxFH7%2FdQjmrUUbTRXhgwQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df7e362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 fontawesome.css
go284.a7bbab.com/wp-content/themes/betheme/fonts/fontawesome/ 58 KB
13 KB 34ms
27ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 916ec9d93e85ad5125306e2c1e6b229b87215ba762657e8956d6e7490c83c626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=60701
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-ed1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN6AFFGGVFjCngYg%2FXEZ%2FN2vyrYor1EcnU4u3wjBH0mCA5Zc6UQfcg8XZCQcX5GzYYz%2B8W12ZB8SOenx%2BrBcAFGsh7BOUS21JR%2F71ct8NroAwI4Uno9X4rirUQ6ZU%2Bd%2BEGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df7f362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 responsive.css
go284.a7bbab.com/wp-content/themes/betheme/css/ 54 KB
10 KB 30ms
23ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/css/responsive.css?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395f81b6cb7cc8c12c8af2f3208122cda676fee76e47639b63c11337c7053e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=64924
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-fd9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiZiwihDNb1yihXz0NGkl9YtSuK9fZSNvCVwS%2BvA86%2FEERXEToztkLGnGKqYLp%2FKuAOZhaoCJmenjblydHFuPaZiofSB6eoQ%2FS%2F5yZP2CcQft1YVeQ1AtoqcdjtrOS3nCoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df81362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 mfn-local-fonts.css
go284.a7bbab.com/wp-content/uploads/betheme/fonts/ 4 KB
700 B 41ms
35ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d69a1a9f5825280540240a9238ff9fe2ae5ffb52fce171ca9e1d48056bc258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=4277
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 22:41:28 GMT
server: cloudflare
etag: W/"62e85698-10b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU%2FiOpkxQtn5nzc9htoezGb%2F3JrtwnaPdWNrco5hjaxMk8qjhkQRKWH2%2BU3EXu2wX%2BOlEeagLWclw9RYS2jwra1lyYWjmKzFsf%2FKliS837p%2FluYMLPwiEKfg2jCMs2XhbWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df82362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 static.css
go284.a7bbab.com/wp-content/uploads/betheme/css/ 43 KB
7 KB 44ms
39ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/uploads/betheme/css/static.css?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b53cd940a678b501c50ec40a9affc7b72f7448c45d5af5ede7dd1b91c66e76dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=45086
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Thu, 09 Feb 2023 23:39:45 GMT
server: cloudflare
etag: W/"63e58441-b01e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ob95GI4NUzJDbYsj7fa3CAgKoXJZl5AqFElFVPrM5Seq5eh38L7ULmA1nnGCLZZGKjFDKxmnWA4F2ALwsL8XyxZ0lhu9RjuLev%2FVl5SXr0VKBqjCtJx22dXxFZLEx2laQJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df83362c-FRA
expires: Sun, 26 Mar 2023 15:30:40 GMT

GET
H2 200 jquery.min.js Show response
go284.a7bbab.com/wp-includes/js/jquery/ 88 KB
32 KB 50ms
44ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 08 Nov 2022 14:24:27 GMT
server: cloudflare
etag: W/"636a669b-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c7GF1qwU%2B1XKVsHCJyIu7VV1k3HYj8Qn7HcT1iRnpKw8OwolTb1naUpCXgI1kCnvGnpzOUvb19kDsUPSaITUlX%2BejsJHUCmks0%2FoB6JSmNFinCIgXlzSN0u6UN1WJjFspA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df99362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
go284.a7bbab.com/wp-includes/js/jquery/ 11 KB
4 KB 42ms
37ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 12 Dec 2020 00:55:31 GMT
server: cloudflare
etag: W/"5fd41503-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7pd0mvrY90VejJPpeJlfFXRSYc06H%2Fk3lP2VnjKVfvF3Eb%2FQSzXt4Pj6qbcjIlCY0P4rnXfVQGDyCQxO%2B%2BBbbGb2cQbTHAQxQKEquxzMi4%2FwrfSwezoDSG4F52Kj8dV4FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df9b362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 rtl.css
go284.a7bbab.com/wp-content/themes/betheme/ 35 KB
7 KB 29ms
24ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/rtl.css
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed797e100b98d5f7afc10934541e7b03fb7fbe19dff348f76fb02503c8d9fba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=38878
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-97de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrxP3%2BL%2FCeGmx08OVBpuWuAsskLbs0vduKSwFqW0UQUC1dFyJ8wz7wwx%2FvUJ%2FckGb7llzylUZg%2FYyf91YFB2dvQ7ckNSx9iNzoaiQwMo8NtQL7gJ0rTaY7TMalUfSnqERs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df85362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K3MK2YLRZB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

505c2eec4c120c0be7fb3dbc39e7c69e193a00653e4ced739b0e20fcdf97dce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82538
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
27 KB 95ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae18c3f1e21a306f5984175cf767c825de60b2b5507943d3775b9b8c4ad345c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26819
x-xss-protection: 0
server: sffe
etag: "1498 / 577 of 1000 / last-modified: 1677758962"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 89ms
58ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5603248120981298

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5adc9495bd2e6ec4bfc7f7d6f10a79bf408e3b3b0e3681d3f4532b63fea4b27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48002
x-xss-protection: 0
server: cafe
etag: 6314704913903492710
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H/1.1 200
OK spt Show response
tg1.matched.se/api/adserver/ 23 KB
7 KB 193ms
35ms Script
text/javascript 2a02:26f0:f700:4::212:4f10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.matched.se/api/adserver/spt?AV_TAGID=63f8907a8aae96ca860d32b6&AV_PUBLISHERID=63e26ea450153dfa9007b615
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b60e744f89858f8fb0c5d7d6d1a48a781df091b2ba6927d69dfd9f6cdc8bd2c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Thu, 02 Mar 2023 15:16:01 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 6187
Expires: Thu, 02 Mar 2023 15:21:01 GMT

GET
H2 200 front-style.css
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/ 11 KB
3 KB 27ms
23ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/front-style.css
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6bc7b295106eb1236e9ec8ea5d07b612aa63bc4b955cc78804405c4de09fb8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=15205
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 01 Aug 2017 08:49:03 GMT
server: cloudflare
etag: W/"5980407f-3b65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUjXCJR57Avg6B4eU0X9GBqvmxMoyujIku4FVsBygltR1XJ7wUkFbnB160UxjnzGRfwATwIeIaIZ7trziRpjTvwUoyTb8qyCGPqI1FkaJmM0InFcdJjfbywwOM%2FnZU0hP5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df86362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 buzzfeed.css
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/ 3 KB
1 KB 58ms
54ms Stylesheet
text/css 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c98ecf738082d7577ad4379813dbcbf0dbafe86aae325190da99df2ca551b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=4325
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Thu, 18 Feb 2016 17:11:59 GMT
server: cloudflare
etag: W/"56c5fb5f-10e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TScrBPqsDXxPeTP6Mh4tNYGeYY1EQ3h90ny2TW1DDLIY0z7LoDCqXs%2BxmFAIp3M7Be7aZr03lsDEvDaWmHrR4DzsMdcMbL%2FcpM4iTYXAuvJZS98vNcW6x7owoFtxmZQ8XsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df97362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 core.min.js Show response
go284.a7bbab.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 51ms
47ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 08 Nov 2022 14:24:27 GMT
server: cloudflare
etag: W/"636a669b-53c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc4lQeI%2B%2BVdGsQabGHszRA8RJxK6qWRZa8o7Iup%2BqJO%2F8%2Fl0c9nST%2FFK76fa%2FM%2FsrIXbfPDGExScuUNiOCDkkdGDYF2GDJRn%2BRHajDVE9ioPb31dNXMq0Aw4Ly8kj7d0a4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df9c362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 tabs.min.js Show response
go284.a7bbab.com/wp-includes/js/jquery/ui/ 12 KB
4 KB 48ms
44ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 08 Nov 2022 14:24:27 GMT
server: cloudflare
etag: W/"636a669b-2ea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpmZGSEvgypeX%2BL%2FfaGMT7Ux2aKWzTHw4UPgAnfSUtPgi9EVruq%2FyhPtEIEL%2Fc%2BGxO1jVUJcrL1mJp2rX8dms%2FGRmd7e%2F9oyxV0odspk7%2Fr9kTCW5Y%2F2A40%2Ft%2BeFPaq6ajY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df9e362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 plugins.js Show response
go284.a7bbab.com/wp-content/themes/betheme/js/ 195 KB
56 KB 49ms
45ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/js/plugins.js?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201eb83e4a865a0382ac4bc772fc2d639d38b7caccde1c7faeddd13016c9032a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=201504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-31320"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrO7%2F4YMyhL9EJv3Oun%2FRsOitFGFoAzBqmzwIzDi9Q8nESXfv8chohb9Xp9GGzDKUiDUwAd38CpF%2F6YhE98rnTvOlHxq26bJhJNkbPhJdHKIiAuWMqREZDPJb4FUHBjI5u8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935df9f362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 menu.js Show response
go284.a7bbab.com/wp-content/themes/betheme/js/ 2 KB
1 KB 39ms
36ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/js/menu.js?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac4e422494724d1feae6fe3201e2938d17ab3c57e8e89a12de05184cf922dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=2824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FQ7smPy1UtxDwh5ISPA8JzWsVmngWwn5Isa9z6gbZifSUfrdibx1sWfMkNWkA3faO3xNB%2ByQIWzuBjow5TkALQ32PhctIvfuRxCWsfizgNyUXEzDqHZxGSm2SVQkWh%2Fvc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfa0362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 animations.min.js Show response
go284.a7bbab.com/wp-content/themes/betheme/assets/animations/ 2 KB
941 B 41ms
38ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-727"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmMb3AwNdC7vBDr6pyNlfQAzoyXbdqtktlK54cQzzfEl9tDqujY87s2fm7XHLPw8YGsNH%2Fj5gPchBQnXv%2B%2BRQ6jOq9CSxn%2Fjnj%2BgTt9HCJQnycHXWRNha%2BSXeKcVuum9PGA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfa3362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 translate3d.js Show response
go284.a7bbab.com/wp-content/themes/betheme/js/parallax/ 2 KB
1 KB 39ms
36ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae9c69b423b6a43cc1cfb819f47e3d6adf3596cd05fc6a1e92ee5fb1dfd0c6f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=3963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-f7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTe0h5ZySi%2BJjpvMrLDbr7Wtm7RXb7ToJS%2FE0GSMtWczbwcgED9lzuHizJjkw90G7PADP7cXuZ4Kh%2FLuZ%2FKrEK%2FmomMGMzrfUuDqFjrxPVr9fwg5HBQe2o21eAClvngZOUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfa4362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 underscore.min.js Show response
go284.a7bbab.com/wp-includes/js/ 18 KB
8 KB 48ms
45ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 08 Nov 2022 14:24:27 GMT
server: cloudflare
etag: W/"636a669b-4991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlITQovXkyvGX3e8OeEf9wNXWSVc8KSBOR2uSaec1D9U0J7XSIv0BUphF%2Bwdd%2FuxwHRtHl5NgEDITvTHRF1SPJxlMUKQkt5yG0dx2Rk4CMPjviNjcchHXazbWWntEWN5Tuw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfa5362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 live-search.js Show response
go284.a7bbab.com/wp-content/themes/betheme/js/ 11 KB
3 KB 40ms
38ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/js/live-search.js?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9cd1fd6cf481889c0e3fb9ad468cc19081e3449d04800b24b7c96df4f60e7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=15542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-3cb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcwtNr%2Fkt7WvSkt4RwWkAy8wkNO07xRp1uqjU%2F8gtQ3s4kJtUT2aZp%2FvJeIoSMSdfAqY5llOFVlwuhHYrHUJVqL9oKUxI7sLGHd%2FL1%2FUBctgHTS0ym%2Bem%2BxCfBGyjTTc1Tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfa6362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 scripts.js Show response
go284.a7bbab.com/wp-content/themes/betheme/js/ 68 KB
16 KB 39ms
36ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/themes/betheme/js/scripts.js?ver=26.4.0.4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e887efbae0fa9ce41e453d374d1e46106177f09ebf7de1dea1a9cfd68ea6ebe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=105249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: W/"62e71de2-19b21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0lozyRQdDO%2Bdr9oQC7zTD9FHqtbLQp8nwZ%2FqVrYSLFJgIWeFTC93mzAn%2FfeRXGWIG1O6fZ5zF3zke0TmbKy31FSSYJ%2BYfnqdcXFyg4ttKAaPVzDG7PEZp9qr0KjeR33vMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfa7362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 comment-reply.min.js Show response
go284.a7bbab.com/wp-includes/js/ 3 KB
2 KB 39ms
37ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 06 Jul 2022 00:13:38 GMT
server: cloudflare
etag: W/"62c4d3b2-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cgx%2B9Z3VfzyZzu6E3tz%2BSigZGuXkGOrmC%2FgmAwXt0lfJtQBm4AVcI1wCD0U86yyQAa7i7diMWgz%2F2Udwbuznx62I5F8j4vBLTg3PaIxI4b1G6VKbEyhcsWxcVfzYVpVFhu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfa9362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 smush-lazy-load.min.js Show response
go284.a7bbab.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 39ms
37ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.12.5
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 24 Jan 2023 15:49:31 GMT
server: cloudflare
etag: W/"63cffe0b-1ef2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2Bwbx7Edz2R2vCL3ew3CGINN4DeKti2p9nLDa0PE8sSaEy44XU4jcIbaBeAMspFDwPZuKP3yjYdlkr%2B54mN4pKJIlTBfy1vlsEEjl6Ht9jvpgw3FSq584AQ7EE84hnwL4Ts%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfaa362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 main.js Show response
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz-analytics/js/ 2 KB
793 B 40ms
38ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz-analytics/js/main.js?ver=1.0.0
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa4cd9dac16ad94b862d962019bac6573a822079f1b7d27f575ef46d74e24fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=3230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Sun, 01 May 2016 18:00:12 GMT
server: cloudflare
etag: W/"5726442c-c9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ik8tuN72WRfRWgw4BY%2FUfsVs9qs1y1RVg9T7nd4R7S7Rv8sNjxnPINub8iqDK4EalHlx6x5h7OSBlvq9BzAEK%2FhZ5rXXAVy9kECwJZqlEpsfZXU5Ha8ReC0P6uD8S%2Bon5ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfac362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 wpvq-front.js Show response
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/js/ 23 KB
7 KB 40ms
38ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/js/wpvq-front.js?ver=1.0
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d1d3bee4d06141f915a7781b51d7dea9b69091b10cc5a988cfb6f3168fcb5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=40800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Tue, 08 Aug 2017 09:08:33 GMT
server: cloudflare
etag: W/"59897f91-9f60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oxbecW0N0X%2F%2FRRc7hfWfz8gItsy83WeEUx0XuZJYm%2FpX0RbgdCnHx53y7aGTX5Ovg%2Bpxry27G%2BTeCZ20hq1S9JNWw9n%2BSZmXvOguWWDVHKhVH%2BWY4RJR%2FvvUgDiSbHRnmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfad362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 wpvq-facebook-api.js Show response
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/js/ 2 KB
1 KB 49ms
47ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/js/wpvq-facebook-api.js?ver=1.0
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07219384ca652e6d557049ba50ead0dbcd840a698eca2a9325df17dcf4f5d1b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517520
cf-polished: origSize=3530
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Mon, 14 Aug 2017 14:05:45 GMT
server: cloudflare
etag: W/"5991ae39-dca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B1C1oyM3zdhkV78a0oYrfT6wOcm4HsrCcHWzDQaaiZlD37q7uxFD3FTGC84lVAhqToILx65Y3onCMehEu4F8HoVN1LR5exwycIevi9PPd5QDHCixiFghM7yMEhHtpM4iDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a9935dfae362c-FRA
expires: Sun, 26 Mar 2023 15:30:41 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 69ms
46ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://go284.a7bbab.com/
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a1a993678603605-FRA

GET
H3 200 wp-emoji-release.min.js Show response
go284.a7bbab.com/wp-includes/js/ 18 KB
5 KB 24ms
23ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Wed, 06 Jul 2022 00:13:38 GMT
server: cloudflare
etag: W/"62c4d3b2-48b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLfysrbFvdgXL8H6yY1FaVLzGpt0UbzZ7Cn4ZUgOm0Dhr1zYVrtafPIB4elKDIqsNT01LBRiLrDD0rJpltSLB1MMNlrytBy6Fb6o0HhtZ4Ny%2FPvKTJx0f32ytAXJ0WLQw0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7a1a99365ad82c77-FRA
expires: Tue, 28 Mar 2023 21:31:24 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 41ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/front-style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 3136857
cdn-cachedat: 2021-04-13 02:55:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a4c754a17577d74a872d3c9c794d1a4f
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7a1a99367d38bbf2-FRA
cdn-requestpullsuccess: True

GET
H3 200 Reem+Kufi-400.ttf
go284.a7bbab.com/wp-content/uploads/betheme/fonts/Reem+Kufi/ 23 KB
23 KB 70ms
69ms Font
application/octet-stream 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go284.a7bbab.com/wp-content/uploads/betheme/fonts/Reem+Kufi/Reem+Kufi-400.ttf

Requested by

Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8c14c071821a31067f72a22ee8e5cd8a03d04e365b5503a2dcb22649240957d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go284.a7bbab.com/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23360
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Aug 2022 22:41:25 GMT
server: cloudflare
etag: "62e85695-5b40"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ng12wqqW%2FVyBUhD8mPjxeCcSbSQHwNj0FqwC2QNieco7xftJ5AYjt2SOGi5L%2BEWGvC2j4whAMDcGTcc%2B83ibWa5a04xfQVTXPahtWehqqT8cw4DZf8LOFRThAnGRXukarE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7a1a99366afe2c77-FRA

GET
H3 200 icons.woff
go284.a7bbab.com/wp-content/themes/betheme/fonts/mfn/ 80 KB
80 KB 82ms
81ms Font
font/woff 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go284.a7bbab.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507

Requested by

Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/themes/betheme/css/be.css?ver=26.4.0.4

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go284.a7bbab.com/wp-content/themes/betheme/css/be.css?ver=26.4.0.4
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81448
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Aug 2022 00:27:14 GMT
server: cloudflare
etag: "62e71de2-13e28"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VBxo3dtKloLjmtbTNSe42qf2i1wH%2BPQVEwrkFNfjGrtYuXD7rIFsrDQ94wxBIUtIp85PYv6q7vK%2B51xcmtSjdmDXDHvBDWyShimcn%2BMVWik%2Fvw3Nj9RjzaWdRWD4IBjLkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
vary: Accept-Encoding
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7a1a99366b002c77-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 63ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QDVJ1GCKH3&gtm=45je32r0&_p=170485274&_gaz=1&cid=1969437710.1677770162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677770161&sct=1&seg=0&dl=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&dt=%D9%82%D9%85%20%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1%20%D8%A7%D8%AD%D8%AF%20%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84%20%D9%88%D9%86%D8%AD%D9%86%20%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83%20%D8%A8%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%B4%D8%AE%D8%B5%D9%8A%D8%AA%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QDVJ1GCKH3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 73ms
24ms Ping
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QDVJ1GCKH3&cid=1969437710.1677770162&gtm=45je32r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QDVJ1GCKH3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
81 KB 27ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K3MK2YLRZB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QDVJ1GCKH3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07393901245a0fbcf9297666302c66dfee491f2d3ed0048036a22f819e534631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 24ms
22ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&tc=12&dl=go284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&tdp=G-QDVJ1GCKH3;90484449;0;0;0&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 39ms
37ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&tc=12&dl=go284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&tdp=G-QDVJ1GCKH3;90484449;0;0;0&z=0
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:01 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 31ms
29ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tc=12&tr=1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdempageview.1ccdgaregscope.1ccdemoutboundclick.1ccdemdownload.1setproductsettings.1ogtgagamlink.1ogtgooglesignals&ti=2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdempageview.2ccdgaregscope.2ccdemoutboundclick.2ccdemdownload.2setproductsettings.2ogtgagamlink.2ogtgooglesignals&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 32ms
29ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tc=12&tr=1gct&ti=1gct&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 124ms
57ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QDVJ1GCKH3&cid=1969437710.1677770162&gtm=45je32r0&aip=1&z=545068734

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 39ms
37ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtag.config&eid=7&u=AAAAAAAAAAAAACCA&h=Ag&tc=12&epr=1G.2G&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K3MK2YLRZB&gtm=45je32r0&_p=170485274&cid=1969437710.1677770162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677770161&sct=1&seg=0&dl=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&dt=%D9%82%D9%85%20%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1%20%D8%A7%D8%AD%D8%AF%20%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84%20%D9%88%D9%86%D8%AD%D9%86%20%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83%20%D8%A8%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%B4%D8%AE%D8%B5%D9%8A%D8%AA%D9%83&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K3MK2YLRZB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 19ms
19ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtag.config&eid=9&u=AAAAAAAAAAAAACCA&h=Ag&tc=12&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ 3 KB
958 B 116ms
47ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 13:27:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H3 200 Reem+Kufi-1.ttf
go284.a7bbab.com/wp-content/uploads/betheme/fonts/Reem+Kufi/ 23 KB
23 KB 72ms
71ms Font
application/octet-stream 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go284.a7bbab.com/wp-content/uploads/betheme/fonts/Reem+Kufi/Reem+Kufi-1.ttf

Requested by

Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8c14c071821a31067f72a22ee8e5cd8a03d04e365b5503a2dcb22649240957d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go284.a7bbab.com/wp-content/uploads/betheme/fonts/mfn-local-fonts.css?ver=1
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23360
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Aug 2022 22:41:25 GMT
server: cloudflare
etag: "62e85695-5b40"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RivEq%2FjOeR0F8JuQl92UYnf8zVO%2FZC5Qu0igT7UjyEgpx2d0Wmq%2FOqPEOBOclYQJsQQ%2F000pptjvyGoCQvHR1MufxHw14aLDN20z7MEdCys%2BCxjHlMTG9XC%2FxrIhtu8xOko%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7a1a99373c512c77-FRA

GET
H2 200 pubads_impl_2023030101.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de869187a4d605b599f75528a5d05a278c5e86faf8ba4c2ec7b20d1424716f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132573
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 12:31:33 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 3 KB
563 B 63ms
43ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=go284.a7bbab.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

110d577ecab203864e7983c3e26ded8f1f9fcd0b1578b477e5114540cfded2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 538
x-xss-protection: 0
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/ 360 KB
119 KB 94ms
74ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5603248120981298&plah=go284.a7bbab.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5603248120981298

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45a5acdd3d807932c4fbf455664f47b3ab1a2a053adc3a4b18758c3c0598f1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121305
x-xss-protection: 0
server: cafe
etag: 7852275715009946554
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:16:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/ Frame A90F 10 KB
5 KB 39ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5603248120981298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 19:39:37 GMT
etag: 2378337311435320485
expires: Wed, 15 Mar 2023 19:39:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8/v/ 697 KB
183 KB 68ms
11ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8/v/avcplayer.js
Requested by: Host: tg1.matched.se
URL: https://tg1.matched.se/api/adserver/spt?AV_TAGID=63f8907a8aae96ca860d32b6&AV_PUBLISHERID=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 7892ce0febcfebefc28d8866a6f73a22d60fb844560cd6068122bfbf76180b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 14:26:22 GMT
etag: "1677680782"
x-hw: 1677770161.dop238.fr8.t,1677770161.cds161.fr8.hn,1677770161.cds013.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 187457

GET
H2 200 track
track1.aniview.com/ 0
71 B 385ms
94ms Image
text/plain 184.73.109.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=63e26ea450153dfa9007b615&cid=63e45f60d4c09df37c051e35&cb=1677770161861&r=go284.a7bbab.com&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&d35=&d65=&d66=8&e=playerLoaded&str=autostart
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.109.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-109-176.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 45ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=go284.a7bbab.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 123ms
49ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go284.a7bbab.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 304 KB
77 KB 951ms
951ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3514755029690599&correlator=420595558839210&eid=31072019%2C31072790%2C31072802%2C31070233%2C21065724&output=ldjh&gdfp_req=1&vrg=2023030101&ptt=17&impl=fifs&iu_parts=109240298%2CA7bbab%2CGoXtraaa%2Cgobody3%2Canchor%2Cint%2Cgobody&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2F3%2C%2F0%2F2%2F4%2C%2F0%2F2%2F5%2C%2F0%2F2%2F6&prev_iu_szs=360x300%7C300x250%7C336x280%2C300x250%7C360x300%7C360x280%2C1x1%2C1x1%2C360x300%7C336x280%7C300x250&ifi=2&adks=3260917866%2C4044819337%2C616782693%2C1505596507%2C1975265503&sfv=1-0-40&ists=6&fas=0%2C0%2C2%2C8%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1677770161920&lmt=1677770161&dlt=1677770161555&idt=314&adxs=-9%2C-9%2C-9%2C-9%2C495&adys=-9%2C-9%2C-9%2C-9%2C17&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C936x27&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C936x0&fws=2%2C2%2C2%2C2%2C4&ohw=0%2C0%2C0%2C0%2C980&ga_vid=1969437710.1677770162&ga_sid=1677770162&ga_hid=170485274&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

067292308636933e3de8c39c88c0336d722cc32e94004070d09454ceac143456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78712
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 264 KB
52 KB 732ms
731ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3514755029690599&correlator=420595558839210&eid=31072019%2C31072790%2C31072802%2C31070233%2C21065724&output=ldjh&gdfp_req=1&vrg=2023030101&ptt=17&impl=fifs&iu_parts=15918106%2CGoXtraaa%2Cgobody4%2Cgobody5&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%7C336x280%7C360x300%2C300x250%7C336x280%7C360x300&ifi=7&adks=2725300682%2C3266886444&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1677770161934&lmt=1677770161&dlt=1677770161555&idt=314&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=1969437710.1677770162&ga_sid=1677770162&ga_hid=170485274&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44f119318f69a75f9b029addaf5394ceda2c3bfd1cad87c4d9d67dfb4c11c6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53471
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F9E5 6 KB
3 KB 185ms
66ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023030101.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023030101.js?cb=31072790

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afa0752ec7e148a4ffbb91f27fdd1b3d6b84dabee81ab53d5d618ec537aaac0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13785
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Feb 2024 11:42:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 42ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce8d6abff7d3f181068a04baf174252a2c4d32a7b8eebbae4892eb7dd01324c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 15:16:02 GMT
content-md5: /xTmsEMtX+ZcdTZ9wOsTHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: Memb2nf+zEN/KjeXjFji96mde2XT9FDaybSJ+Tee+EFZ98BcJfciEd0P/xIJuJ8WWim/OwdXcEn7gjPOksV03Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 16a0758d01180d09973592def3ea825b
cross-origin-opener-policy: same-origin-allow-popups
etag: "8d321e0bd57e9d5f95e7e6c79a6c91b1"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:24:46 GMT

GET
H3 200 buzzfeed-checkbox-ok.jpg
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/ 338 B
970 B 28ms
27ms Image
image/webp 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed-checkbox-ok.jpg
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9102a91eb0c2dfe2c34333759eca9941a86e322ce0ea346c797a9a1d6ab915cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323077
cf-polished: origFmt=jpeg, origSize=722
content-disposition: inline; filename="buzzfeed-checkbox-ok.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 338
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Fri, 25 Nov 2016 12:01:22 GMT
server: cloudflare
etag: "58382812-2d2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZkT4Iz63dJwrXsL0PwXfcALik0j7mmCISCM7DTlmuKlxbs24lN%2BDBNPo1w6N22WcEdnrvYf%2FqTQ7jdmPj0gSeShKHIuMAEr8nKR1I6Ws3VwOz4pFY7p%2FZNvdG1G1yADBn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a99387e1a2c77-FRA
expires: Tue, 28 Mar 2023 21:31:25 GMT

GET
H3 200 big-loader.gif
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/views/img/ 13 KB
14 KB 27ms
26ms Image
image/webp 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/views/img/big-loader.gif
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/front-style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52ba4c957efc7bae5e3dfe207919ee4c68e8910827a8b20be72eba23c81215f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/front-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151513
cf-polished: origFmt=gif, origSize=16508
content-disposition: inline; filename="big-loader.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13400
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Fri, 31 Jul 2015 14:55:46 GMT
server: cloudflare
etag: "55bb8c72-407c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAhULirSpyLMF6zNRgSoh1nkUxMB9NkUAsTWn4zaUCZi9lljf54PNepvyDdDv%2BwcDJXdKDiFaXOUcEDn3YK2bzYc9d%2BOE0YLObbcKknUrhDOAvLzgT%2BItrXO%2B8Ms4RtQctM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a99387e202c77-FRA
expires: Thu, 30 Mar 2023 21:10:49 GMT

GET
H3 200 loader.gif
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/views/img/ 2 KB
2 KB 25ms
24ms Image
image/gif 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/views/img/loader.gif
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/front-style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d6a799f49cfca0b6164fb8b20184ead7aa1de665e4ea47b5fbab6641a6edb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/front-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323076
cf-polished: origSize=2637, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1680
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Fri, 31 Jul 2015 14:55:46 GMT
server: cloudflare
etag: "55bb8c72-a4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUPxNkMaS11s0H7OCN%2F%2B8EXnYgEUcLuzGw1dIgUi5%2FGdlvSDJupVQnIVYp46I06norjWdbNfJfHIgUdj4%2Fgj%2FLDMf7sYmuRPIBd%2B55j0hq%2FOHDJKsBWeLMgWmxf6DqwkZe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a99387e232c77-FRA
expires: Tue, 28 Mar 2023 21:31:26 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 103ms
29ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:35:57 GMT
x-content-type-options: nosniff
age: 153605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 20:35:57 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 250 KB
59 KB 1289ms
1288ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3514755029690599&correlator=420595558839210&eid=31072019%2C31072790%2C31072802%2C31070233%2C21065724&output=ldjh&gdfp_req=1&vrg=2023030101&ptt=17&impl=fifs&iu_parts=109240298%2Ca7bbab%2Ca7bbabfluid&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=9&adks=2815214080&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1677770161995&lmt=1677770161&dlt=1677770161555&idt=314&adxs=185&adys=938&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&frm=20&vis=1&psz=980x0&msz=980x0&fws=4&ohw=980&ga_vid=1969437710.1677770162&ga_sid=1677770162&ga_hid=170485274&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f3d937d331122c0deebf5e0e2055767c5d6c0ee80aa0bd80ed5ba62b7b4035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60562
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 A7babLogo--e1659357325319.png
go284.a7bbab.com/wp-content/uploads/2019/07/ 6 KB
6 KB 20ms
20ms Image
image/webp 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/uploads/2019/07/A7babLogo--e1659357325319.png
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4984e8c822cfa3da6fb01ff335b74f83cb58073ccc3cfd5f1ffc2c567cbfe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343728
cf-polished: origFmt=png, origSize=8917
content-disposition: inline; filename="A7babLogo--e1659357325319.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5896
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Mon, 01 Aug 2022 12:35:25 GMT
server: cloudflare
etag: "62e7c88d-22d5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaermpbyxNIJpMKLXS%2F0p%2FYlXoBtkzHhSNks31KMmERJC6P%2FcRyu21RDyUTNRue6j%2FAhMDbd%2FF43bRFPxGwVzx0Z31AMsF%2F%2BWXEBa6YQT6elmMhnMPAnzf1%2BpGzuacAI4D8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a9938cea52c77-FRA
expires: Tue, 28 Mar 2023 15:47:14 GMT

GET
H3 200 buzzfeed-checkbox-no.jpg
go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/ 176 B
805 B 21ms
20ms Image
image/webp 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed-checkbox-no.jpg
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48dc5d19c8edc57a9b695330ee5f454f5d634772606a125e8b4dfdf65bc54d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/wp-content/plugins/wp-viral-quiz/css/skins/buzzfeed.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323076
cf-polished: origFmt=jpeg, origSize=554
content-disposition: inline; filename="buzzfeed-checkbox-no.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 176
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Fri, 25 Nov 2016 12:01:22 GMT
server: cloudflare
etag: "58382812-22a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dho6t0WlRvYEWQtG7s9oQRoCpS%2FMTFQFhOWRYU2BCsc3zTmRuLw5tk3jxm21IPXN5nLhCGX1okvdtrDaJPk6NJhozHgerpxsft0cAUX5t70fr8%2BON2P%2B2eU07QesOzpOrek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a9938deb12c77-FRA
expires: Tue, 28 Mar 2023 21:31:26 GMT

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8/v/assets/ 34 KB
35 KB 33ms
12ms Font
application/octet-stream 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8/v/assets/31d54a4b841c0e438f13.woff
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: https://go284.a7bbab.com/
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 14:26:22 GMT
etag: "1677680782"
x-hw: 1677770162.dop138.fr8.t,1677770162.cds249.fr8.hn,1677770162.cds001.fr8.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 35197

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame CDCB 450 KB
121 KB 92ms
13ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: a235966af85126b18032b951833e3fc66e93bbbbae63715c2afbfa8c7695f7c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 08:49:34 GMT
etag: "1677660574"
x-hw: 1677770162.dop146.fr8.t,1677770162.cds259.fr8.hn,1677770162.cds159.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 124018

GET
H3 200 main-4.jpg
go284.a7bbab.com/wp-content/uploads/2019/12/ 30 KB
31 KB 30ms
29ms Image
image/jpeg 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/uploads/2019/12/main-4.jpg
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f5631a16fb5cf5ce83dc42b510686c7d0eaab3d85edcc0696ebe99e4442ec79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13566
cf-polished: origSize=31771, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30884
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Mon, 01 Aug 2022 03:34:36 GMT
server: cloudflare
etag: "62e749cc-7c1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npPciUtDyjdeuJc619n6XnKMmySVXp%2B5qQ7PHhFrSoA0dU%2F1i8G8sch5DSqro4KVBaD%2FJak7KfU6cb9uGMWXaVSOiTSw%2Fck2dFwF%2Fmw6xhz1sjCYBRsrC2ZzfEoZyeo9KxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a9939d8572c77-FRA
expires: Sat, 01 Apr 2023 11:29:56 GMT

GET
H3 200 db0ba2d79c0ea4f481f1f5c064c9721aeacb5bbe-011019082112-e1676738914496.webp
go284.a7bbab.com/wp-content/uploads/2023/02/ 26 KB
27 KB 37ms
35ms Image
image/webp 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/uploads/2023/02/db0ba2d79c0ea4f481f1f5c064c9721aeacb5bbe-011019082112-e1676738914496.webp
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b408589096b572b23c0110b210c87fb259f1dc0111b57080095869f46b9e0cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117453
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4HspVUhDq8tcNwgXLhca_1CrzVOGsEKyIMABmaybnGc-1677770162-0-Ab7QRtFBzwLJ_O89DP3EPycBTMlUeneDQcDvCnboPrBpl-P3FDDoVkE4NHuwAAJNcVPdKWl9xCFn-BdCKD366u2L8RC9OJ32JXyl7OPYFK3UJ2i1coG4orqBuuJVCbFpEg; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26286
pragma: public
last-modified: Sat, 18 Feb 2023 16:48:35 GMT
server: cloudflare
etag: "63f10163-66ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8%2FeGAkO9dvRn%2FQV%2FooNuKVnzHkmwqEBTdAEXLqc98RQdxsIsS9NZvkLRaWC%2F94%2B6jwthiBNXzrELieQlqIEu69bjp91CEgvneeyjH69HScnxL9mavJradufjD5h4EKPekc%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=4HspVUhDq8tcNwgXLhca_1CrzVOGsEKyIMABmaybnGc-1677770162-0-Ab7QRtFBzwLJ_O89DP3EPycBTMlUeneDQcDvCnboPrBpl-P3FDDoVkE4NHuwAAJNcVPdKWl9xCFn-BdCKD366u2L8RC9OJ32JXyl7OPYFK3UJ2i1coG4orqBuuJVCbFpEg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a9939d85b2c77-FRA
expires: Fri, 31 Mar 2023 06:38:29 GMT

GET
H3 200 shutterstock_680559610-1024x536.jpg
go284.a7bbab.com/wp-content/uploads/2023/02/ 82 KB
83 KB 20ms
18ms Image
image/jpeg 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/uploads/2023/02/shutterstock_680559610-1024x536.jpg
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef3720b6697c8cb50d15f89d5d7cec56be566ab984e3e97b5acebdb00c93105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63368
cf-polished: origSize=84251, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84082
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Feb 2023 15:53:23 GMT
server: cloudflare
etag: "63ee5173-1491b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oE%2BG24j3qpTgf%2FGW0KV06sY1jti5Jw6NzxgW6077pscBMFYXzKk4TJ69kvepZ8IT40E8rXaQDRr%2BC1CGJ9Qp3jsAp1RlWyv9amFdg9JWZBQ34Tw04oJ4Cg09WbNAog5mNnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a9939d85d2c77-FRA
expires: Fri, 31 Mar 2023 21:39:53 GMT

GET
H3 200 what-are-personality-disorders.jpg
go284.a7bbab.com/wp-content/uploads/2023/02/ 44 KB
44 KB 28ms
27ms Image
image/jpeg 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/uploads/2023/02/what-are-personality-disorders.jpg
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f97083d4b4b5c966a9bd474f5127a6451504c730ff8458f9789180f452b79d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63354
cf-polished: origSize=44899, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44698
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Feb 2023 13:45:55 GMT
server: cloudflare
etag: "63ee3393-af63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOSVa1lUv5tuUVfa70TJilELyZCh5UuvRRceGzUS302p2InJdksERNABQKcv5w6VKA1fARH1VjlJmjdkPfm4NRuGIzZzFlEgV6o8nAKgjhNoLZJQFIVAGrBquZLeWSKEXq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a9939d85f2c77-FRA
expires: Fri, 31 Mar 2023 21:40:08 GMT

GET
H3 200 pexels-apolo-salomao-sales-814375-FILEminimizer-1024x732.jpg
go284.a7bbab.com/wp-content/uploads/2023/02/ 76 KB
76 KB 31ms
31ms Image
image/jpeg 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go284.a7bbab.com/wp-content/uploads/2023/02/pexels-apolo-salomao-sales-814375-FILEminimizer-1024x732.jpg
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76185f87102913aa38601ec9a9062f1dd3803469b20cdddebbd57a94d4751f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63178
cf-polished: origSize=79654, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77594
pragma: public
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Feb 2023 14:36:48 GMT
server: cloudflare
etag: "63ee3f80-13726"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgPMHxstYMwgm0Kdu2L3zZDGA3nABrnGy%2BJW6Z3PDFp1Orbz%2FwLsXN7XcIofF88pWPhcuQi2C6DYDP9ZiY1Ns0VzXuPUqHeGUAFiuE02fsLBcMUiDUGn8r1jAvYN5br%2B9dU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7a1a9939d8602c77-FRA
expires: Fri, 31 Mar 2023 21:43:04 GMT

GET
H3 200 invisible.js Show response
go284.a7bbab.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 38EE 26 KB
12 KB 32ms
31ms Script
application/javascript 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1677758400
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e985758e19d006b05e3bcafe6ff0e596daecbb29739468ef972bdd7fc0934e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfp%2BlIeLZOqjbj2lBSVWTixoRIDyfXdxU3awCtTG19vbZUb%2FfYOP%2FppLVLQ1jKnxeeepD2AP%2ByCg%2BdlKSWMvxl3qO7NrMN6fcLRfSAwb%2FUQmEHvGMY4h6kN36sEQaTrrT1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a1a9939e8712c77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 108ms
42ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=go284.a7bbab.com&callback=_gfp_s_&client=ca-pub-5603248120981298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5603248120981298&plah=go284.a7bbab.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52ce3ebd7c6db288df837d1fe757e355dcfdde1fdd95c3a8c21195cedc2da8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 113ms
112ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=Header_creative&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15B1 0
19 B 308ms
308ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5603248120981298&output=html&adk=1812271804&adf=3025194257&lmt=1677770162&plat=1%3A16777280%2C2%3A64%2C3%3A16%2C4%3A16%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677770161822&bpp=3&bdt=267&idt=407&shv=r20230227&mjsv=m202302160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2230235233006&frm=20&pv=2&ga_vid=1969437710.1677770162&ga_sid=1677770162&ga_hid=170485274&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759927%2C44759876%2C44759837%2C42531706%2C31071869%2C31072387%2C21065724&oid=2&pvsid=3514755029690599&tmod=1593620439&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Thu, 02 Mar 2023 15:16:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 Gold%20rates4.mp4
play.aniview.com/63e26ea450153dfa9007b615/63f88ba9671544492b05ff96/ 125 KB
0 513ms
11ms Media
video/mp4 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/63e26ea450153dfa9007b615/63f88ba9671544492b05ff96/Gold%20rates4.mp4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://go284.a7bbab.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
x-guploader-uploadid: ADPycds5cZuyPTiHfhZSXNdRjMHhT6LxVYxNBHY6KcL5d-XIDr5E_N0ChwzGWKGMFINS4Hi_V9pGipgiRa88Ff52YXjfAiwaNYjq
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 0-246710/246711
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 246711
last-modified: Fri, 24 Feb 2023 10:04:32 GMT
server: UploadServer
etag: "7dd4395030adfaf4fb6b847d583a6392"
x-goog-generation: 1677233072790619
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=hzeVDg==, md5=fdQ5UDCt+vT7a4R9WDpjkg==
access-control-expose-headers: Content-Type, range
cache-control: max-age=1800
x-hw: 1677770162.dop146.fr8.t,1677770162.cds259.fr8.hn,1677770162.cds257.fr8.c
x-goog-stored-content-length: 246711
accept-ranges: bytes

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 29ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=afa25c81702598507b77f42308c51966

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

251337fa75cca6a1255cc986b528a0c7466bbf4aca78c976e6a0d4617e3129a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go284.a7bbab.com/
Origin: https://go284.a7bbab.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 15:16:02 GMT
content-md5: 1iF96ba3o6pPS0uvOz3JBQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87053
x-fb-rlafr: 0
x-fb-debug: 9VMPdFEcBvtA+N8VmRIzKqGZE+WhhKCNWfPu09Ko62GbZ9CgPXxie0WlodLt5Tv8I1uXlSVZ7ojtdD7Bcuo+gg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0bcd225da3a3125720a02a7912040f65
cross-origin-opener-policy: same-origin-allow-popups
etag: "286c10ead3fc5b6aa131f0f4ad8c35ae"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Mar 2024 13:02:01 GMT

GET
H3 404 pica.js
go284.a7bbab.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 38EE 9 B
387 B 17ms
17ms Other
text/plain 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go284.a7bbab.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a1a993ac9b62c77-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bi%2BVj2pw3HcZbbI6sGcRVBS0L%2B8280aYktO8g1%2Bhc6qL5KV3%2FfyzXYaWseiW478LyNcYptN5AvbQHPQ4wmTROMYlQKCsqalhLI0MmR1cFyzyLycf17JaHt6xesEAeKYx0A%3D"}],"group":"cf-nel","max_age":604800}

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
serv.matched.se/api/adserver/tag/ 21 KB
5 KB 525ms
224ms XHR
application/json 35.174.127.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.matched.se/api/adserver/tag/?AV_TAGID=63f8907a8aae96ca860d32b6&AV_PUBLISHERID=63e26ea450153dfa9007b615&AV_VIDEOURL=https%3A%2F%2Fplay.aniview.com%2F63e26ea450153dfa9007b615%2F63f88ba9671544492b05ff96%2FGold%20rates4.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&AV_CHANNELID=63e45f60d4c09df37c051e35&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=go284.a7bbab.com&AV_DADPOS=1&AV_TAG=63f8907a8aae96ca860d32b6&AV_TEMPLATE=63f88bf7671544492b05ff99&d36=6.2.86&responsive=1&sver=4&avtoken=162388&omv=1.0.1&AV_D66=8.2.12&clsid=e67260dc-22d5-464a-bc36-b969b88a5995&rando=77&AV_WIDTH=882&AV_HEIGHT=496&AV_DNT=0&cb=1677770162390&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.127.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-127-249.compute-1.amazonaws.com
Software: /
Resource Hash: ce45160ef54e0ee7498cc26992e1ea6c1d7c2074f4402ade41a43eb2dd722f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://go284.a7bbab.com
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Sun, 19 Feb 2023 01:29:22 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 98ms
97ms Image
text/plain 184.73.109.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=go284.a7bbab.com&sn=&ic=0&tgt=0&app=&wi=882&he=496&test=&d36=6.2.86&apppkg=&fv=1&proto=https&d66=8.2.12&clsid=e67260dc-22d5-464a-bc36-b969b88a5995&rando=77&pid=63e26ea450153dfa9007b615&cid=63e45f60d4c09df37c051e35&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&e=inventory&vi=100&cb=1677770162389
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.109.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-109-176.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 143ms
121ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=740673693856678&input_token&origin=1&redirect_uri=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=afa25c81702598507b77f42308c51966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Thu, 02 Mar 2023 15:16:02 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: k9KTSLah3NHvF3Z/CnyoGVkJrr3Z+uf44kgf/XwUwwok5aq1IfgtfMWRPIGFV/ft4NFw4nxrEbPUIGxS+o8pdQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go284.a7bbab.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 75ms
8ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:05:31 GMT
via: 1.1 google
age: 631
x-guploader-uploadid: ADPycdstvMBAFusdZcR78haf1QdmyCGrxKA2dUko3j7iZxomovRMBa8O3wV-4HW3wfpG9vTEJF9wtWhETXrAcljKZUYxbOhOxmA4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Thu, 02 Mar 2023 16:05:31 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 58ms
10ms Script
text/javascript 13.225.78.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-47.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:20:11 GMT
content-encoding: gzip
via: 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 14152
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 22DJ6NFluJ1l1fcWZD96nd2MGnsPUlQcbz7OqBI27AojFrA0Ed6NJA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 99ms
8ms Script
text/javascript 2600:9000:21f3:e00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 04:08:39 GMT
Via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 40044
ETag: "aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: qzu4IJ8TdND0uqKmF97_h3EhR4m_8HULPVY-ybfVbnv1TcPr0F1hwA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 51ms
16ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: MFKC3TVFFG0HS7AP
age: 854
etag: W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7a1a993d082030d6-FRA
x-amz-id-2: Q9Q8N0TXlJRXJUx11hDmn5c1nflEiZbRWD50UXh1ESWqrQIZDbd6ceLCnE1FfX4KI/b5vZOPQkaqUW1SdCUzpw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 45ms
20ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24129
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TdJkyoURokD56DRgyA33X7akMz30VnhU5T5v%2BnNn9jS%2FrAAMFhO7QKuuF9R4gGlqtzvW%2FSkza4GtJfEumagE6FiC83j59R%2BIFHJKzaKNFjRVW0q1nMIR%2BatqgnEzcewJ0fMoqtSUYZZ6RLz4zU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a1a993cffc55be5-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 76ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Mar 2023 15:16:02 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 38ms
8ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:51:01 GMT
content-encoding: gzip
age: 1477501
x-guploader-uploadid: ADPycdvujfU_oLUmNVqI4f5BZnpSVte8PDLotLNZgvFd0cC54eAGvZm9f8-b4dRZmf4BnqGEW6yytSvFJRHHxFr_uK-ecw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 13 Feb 2024 12:51:01 GMT

GET
H2 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 894A 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA38 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QDVJ1GCKH3&gtm=45je32r0&_p=170485274&cid=1969437710.1677770162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1677770161&sct=1&seg=0&dl=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&dt=%D9%82%D9%85%20%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1%20%D8%A7%D8%AD%D8%AF%20%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84%20%D9%88%D9%86%D8%AD%D9%86%20%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83%20%D8%A8%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%B4%D8%AE%D8%B5%D9%8A%D8%AA%D9%83&en=scroll&epn.percent_scrolled=90&_et=17
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QDVJ1GCKH3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 894A 8 KB
991 B 47ms
45ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 13:26:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 15:16:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 894A 2 KB
799 B 112ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:42:40 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 894A 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzWAnsb0AZNuKPIrP7_UP0amD4AmviJaXb5y_kdGMEb-v1JO6AhABIILn5DJglcqogrAHoAHog5DeKMgBCakCri_P9q_OsT7gAgCoAwHIA8sEqgTCA0_Q96B6XS0U8FX8c7gOVnclcBYAu66BVfIPfk4FQiBAEXLNpMca4Y9iL7l1ow0Y8xVN4AW3XXVvH-qdg-CSS4MlwS0jIhPdDAh_yN3kXOGuFkeSg--NZ1MAkQ4sn_O269XJEB6pm_ea7dW35Z-1MsDcMKCGD4AH3N-8yQffyvHgqq5VrrlLbyFwHPOpqwF2SZqyfyKP_TvoKRraMTvpmoKM1PmPnp65-STaSaQ7eTdBLbIf7vepmipl7lfWraaJVO20N_9og4iIXoQv-b2Smi1WqbXi5up8ytTjY4EeS-hzbuCvNSDV22MvVgVrE5gVZX1ujj08DI5IkroeH6vo_Is-ZMbyMdKEaVutdhBX6QG_lF2wQr3uRebN7rLgjyQRmQ8KQR8_RJw5aqmaKgE6FECNaDv7pkvWhuzpYP9OXdeOrYcuMXgd4JMp6K6K21j6cN9kBo_1iTYXKrjqB4SDPrYa1EQfbg9AUSX444tloNyk-NytuBA9jxH8aCkPa8NBDrqSao842V5pYhePBcmfQP7k_NugKAkdCot9Qy0ohco7qtA8EKo83zxMmjj8J9HC-kHB8QSA1EicEewy8_-vEvyCwMAEt5_MzKIE4AQBkgUECAQYAZIFBAgFGASgBi6AB-i74L0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQrZow0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwG4E4gE2BMK0BUBgBcBshceChwIABIUcHViLTE1NTg3OTg0NzEyNzExODIYmq0Z&sigh=z6ycM9_xle0&uach_m=[UACH]&cid=CAQSTADUE5ymO1RJwSen5A1He_ksl_pjIqSWy1PJgL_3W7vaKh8TpuskSJX4r-X7DwT4NrEWvGqePPIwuqzwzKghuWnbIjaJ_PteCQu4W8YYAQ&template_id=520
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 894A 22 KB
9 KB 83ms
19ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 894A 3 KB
1 KB 103ms
44ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 894A 20 KB
8 KB 82ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 894A 158 KB
49 KB 166ms
105ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:02 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 894A 34 KB
14 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BA38 8 KB
968 B 44ms
43ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 13:21:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 15:16:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame BA38 2 KB
846 B 102ms
45ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:42:40 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA38 0
0 54ms
51ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0S02sb0AZNyKPIrP7_UP0amD4An72a35YM6Vt963EKbxhuOgAhABIILn5DJglcqogrAHoAGrgqihAsgBCakCri_P9q_OsT7gAgCoAwHIA8sEqgTIA0_QveCrsGPL1X-wQ2eZlfrLljIw2WEdSJsJIsUevVT54VjY5sN7QOJFsUVmySAQA7ocsAgthlxO1fUSrjcNLZRK0nLdEk4p-ORu2ojQTCJpF8sC8T0VTxGk-3KT4dX_UcLmWp7dCNt7tzv0jYosAl8BNiADof0XFiF4_nt8Q0iID14PjkDcbLcLZ9EqqxVSRdDDdMyTGiaamN5UXgzBIQjWrX-0xrJdey_vlsvhfl7ws3EOKVsrqF7mp0E4D5MMqhhsdVGLGjiFAJLsikV5lUTXpfCyYkCEmKxAlY4yIR02D5oriwjOrpknGwkANcXu3jBXw4Bi4ATbxvkZRKZXmlViy-x5qnJnMEkunORzb_2JJufJmEhFULlbQbqEM84jozxgK9xF8VCKCDuLS5PYgTjf3fWXhqFgEq3QZBwTKgKQ3NXY64n4x_7p3ZIvY6tjSeIg5K8ybM8qkpR-KfvtGZhNacFYPrSjaJjk0dPHc02K9xWx5dc05jb7UCVXW3mdgjsip2M1oQ-phAGcILlm8DnD4nomAXLYJCSu6ueo4LMjl6KIpNpwTxK_ixg3gsUeAioU01ofdNeUTLpRv8aF2pPYN_gRwb8dTMAEuJzOnqQD4AQBkgUECAQYAZIFBAgFGASgBi6AB739194BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4JQf0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwG4E4gE2BMK0BUBgBcBshceChwIABIUcHViLTE1NTg3OTg0NzEyNzExODIYmq0Z&sigh=NwJkBSrgvhM&uach_m=[UACH]&cid=CAQSTADUE5ymO1RJwSen5A1He_ksl_pjIqSWy1PJgL_3W7vaKh8TpuskSJX4r-X7DwT4NrEWvGqePPIwuqzwzKghuWnbIjaJ_PteCQu4W8YYAQ&template_id=520
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame BA38 22 KB
9 KB 83ms
27ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame BA38 3 KB
1 KB 101ms
46ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame BA38 20 KB
8 KB 95ms
40ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA38 158 KB
48 KB 200ms
143ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:02 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame BA38 34 KB
14 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 08:24:18 GMT

GET
H2 200 data=-W6tBxp684d2xhuRtDIG9JhRaaLIP-3DBSje_QHfIeE7OKvIJukKNFCWhAIlxFrbzZ8cbgjVV0U9LvUheEh2dA
mts0.google.com/vt/ Frame 894A 15 KB
15 KB 162ms
79ms Image
image/png 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=-W6tBxp684d2xhuRtDIG9JhRaaLIP-3DBSje_QHfIeE7OKvIJukKNFCWhAIlxFrbzZ8cbgjVV0U9LvUheEh2dA

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7a143d983d1fb2a154aa65a2aa5c7427156be61812d4b9e7fc3ca4257516b6c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14858
x-xss-protection: 0
x-server-version-bin: CggIBBD/n/yfBg==
server: scaffolding on HTTPServer2
etag: 05d1a5ad51c738112
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Thu, 02 Mar 2023 16:16:02 GMT

GET
DATA 200
OK truncated
/ Frame 894A 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 894A 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 894A 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 894A 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 data=_qQ2q9EOu_sMuCuIga77HQLc9R1PBLKaOPPtUczcGt0DLzW1QOWiX57D1YrMrymXiDf6-h89Ny3ASZSxoUCk6g
mts0.google.com/vt/ Frame BA38 26 KB
26 KB 170ms
99ms Image
image/png 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=_qQ2q9EOu_sMuCuIga77HQLc9R1PBLKaOPPtUczcGt0DLzW1QOWiX57D1YrMrymXiDf6-h89Ny3ASZSxoUCk6g

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

992ed1960b910c9da9833ed73f9c60d5dd455e082523e842c21b5acee9f940dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=77
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26186
x-xss-protection: 0
x-server-version-bin: CggIBBD/n/yfBg==
server: scaffolding on HTTPServer2
etag: 03c84436b8c4437
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Thu, 02 Mar 2023 16:16:02 GMT

GET
DATA 200
OK truncated
/ Frame BA38 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BA38 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BA38 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BA38 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%...
https://oajs.openx.net/esp?url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%...

85 B
202 B

163ms
162ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&rid=esp&cc=1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 663603ccfb1862545993868a828a95919ecb9904fb214e360756f145852bd121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-QdcLaQ4j5pPJA8mNY0UjlpE8TjE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go284.a7bbab.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 02 Mar 2023 15:16:02 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://go284.a7bbab.com
location: /esp?url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
325 B 46ms
11ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go284.a7bbab.com
date: Thu, 02 Mar 2023 15:16:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 20ms
20ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtm.dom&eid=16&u=AgAAAAAAAAAAACCA&h=Ag&tc=12&epr=1G.2G&z=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 116ms
29ms XHR
application/json 108.128.57.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.57.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-57-95.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5d7cd179b3f25988d200b60fd7361a5f9276b54f1afafe36b3a90db00c3e5ef7

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache
x-server: 10.45.11.146
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 329 B
424 B 30ms
28ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 532512871aa0028362de282a8720606f711b4cfdecaf8d11b18f136fff916232

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: beb384568d09030e6d09f444dca01bb4
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 107ms
44ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://go284.a7bbab.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://go284.a7bbab.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 02 Mar 2023 15:16:02 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: b190eaeef7d03a1dcc7568b38b9e1bea

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7768 15 KB
6 KB 52ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=go284.a7bbab.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 480263
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 206 Gold%20rates4.mp4
play.aniview.com/63e26ea450153dfa9007b615/63f88ba9671544492b05ff96/ 64 KB
0 11ms
11ms Media
video/mp4 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/63e26ea450153dfa9007b615/63f88ba9671544492b05ff96/Gold%20rates4.mp4
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://go284.a7bbab.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=98304-

Response headers

date: Thu, 02 Mar 2023 15:16:02 GMT
x-guploader-uploadid: ADPycds5cZuyPTiHfhZSXNdRjMHhT6LxVYxNBHY6KcL5d-XIDr5E_N0ChwzGWKGMFINS4Hi_V9pGipgiRa88Ff52YXjfAiwaNYjq
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 98304-246710/246711
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 148407
last-modified: Fri, 24 Feb 2023 10:04:32 GMT
server: UploadServer
etag: "7dd4395030adfaf4fb6b847d583a6392"
x-goog-generation: 1677233072790619
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=hzeVDg==, md5=fdQ5UDCt+vT7a4R9WDpjkg==
access-control-expose-headers: Content-Type, range
cache-control: max-age=1800
x-hw: 1677770162.dop146.fr8.t,1677770162.cds259.fr8.hn,1677770162.cds257.fr8.c
x-goog-stored-content-length: 246711
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 894A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 829526c84b30ce1c9f8107717f3f429dd209d4642cd828742617e9c01ff3c2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BA38 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c23abc5f2651598b06f66e534f5416af39a352261cf91ecb77d231f6776ebbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7CA 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 721B 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C447 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3969 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9A5A 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7768
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=a7bbab.com&sn=ChromeSyncframe&so=0&topUrl=go284.a7bbab.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zdp36nxRb1lZaHBxSDVnZitvejVNbkFWS090NkEyMEJ0S0VkcndiTEx5VXFheTVjTzVxeHh4bEYyemRwS09LOVVGNzY2YVFDS3NZL1hzWm11SVB5MFBqS04zM3pHNkJZQ3Y4YnRUaDlxWDg4ZDAxTXozSTlxK01FZU94Nz...

428 B
656 B

139ms
26ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zdp36nxRb1lZaHBxSDVnZitvejVNbkFWS090NkEyMEJ0S0VkcndiTEx5VXFheTVjTzVxeHh4bEYyemRwS09LOVVGNzY2YVFDS3NZL1hzWm11SVB5MFBqS04zM3pHNkJZQ3Y4YnRUaDlxWDg4ZDAxTXozSTlxK01FZU94NzFIdU1QZHpDbmxrZThBK3hCampnM0grRWxtUUEwTHdkeDR0UlRBTE5vZG44dyt0akNkdjNtQmswbEsrb0JpMXFoa21PQXR2d09lVEVqeUtUYTNucXVZL0hveFh4em52UFFqbVd1NkZ5dzlsWU5HVUJoWCtuMDhaSHRDTHhSVFNDU2N5UjJManJCQXh3UFJNOHREakZZZHJ2b0lZekFydz09fA&cppv=2

Requested by

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8851ab93571578cbb84112300501027a27ad2370f096757faf9dadada3824f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3685367
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zdp36nxRb1lZaHBxSDVnZitvejVNbkFWS090NkEyMEJ0S0VkcndiTEx5VXFheTVjTzVxeHh4bEYyemRwS09LOVVGNzY2YVFDS3NZL1hzWm11SVB5MFBqS04zM3pHNkJZQ3Y4YnRUaDlxWDg4ZDAxTXozSTlxK01FZU94NzFIdU1QZHpDbmxrZThBK3hCampnM0grRWxtUUEwTHdkeDR0UlRBTE5vZG44dyt0akNkdjNtQmswbEsrb0JpMXFoa21PQXR2d09lVEVqeUtUYTNucXVZL0hveFh4em52UFFqbVd1NkZ5dzlsWU5HVUJoWCtuMDhaSHRDTHhSVFNDU2N5UjJManJCQXh3UFJNOHREakZZZHJ2b0lZekFydz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 329057
content-length: 0
expires: 0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame CB56
Redirect Chain

https://cs.admanmedia.com/fa9f4b3548d146d8b0584acce84c4fec.gif?gdpr=1&gdpr_consent=&us_privacy=1---&coppa=0&puid=1677770162771-994587376777-001192-004-009061&redir=https%3A%2F%2Fsync.aniview.com%2F...
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=57&pid=59c9148628a0612da3689288&key=29cac34d-f275-4853-8353-05cc39d99661

0
240 B

206ms
97ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=57&pid=59c9148628a0612da3689288&key=29cac34d-f275-4853-8353-05cc39d99661
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 02 Mar 2023 15:16:03 GMT
Expires: 0
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=57&pid=59c9148628a0612da3689288&key=29cac34d-f275-4853-8353-05cc39d99661
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 050C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

124ms
14ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Mar 2023 15:16:03 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame FCF0 0
0 541ms
173ms Document
text/plain 209.191.163.208
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Thu, 02 Mar 2023 15:16:03 GMT
X-Sovrn-Pod: ad_ap2sfo1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6CBE 16 KB
6 KB 80ms
19ms Document
text/html 23.203.124.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=74506
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Fri, 03 Mar 2023 11:57:49 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 8552 49 KB
18 KB 299ms
134ms Document
text/html 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Thu, 02 Mar 2023 15:16:03 GMT
etag: W/"63e28045-c234"
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AamW8or/wfOh
x-77-nzt-ray: bcd92b1f0d3a8ec6b3bd006469e5a609
x-77-pop: zagrebHR
x-cache: MISS

GET
H2 204 /
onetag-sys.com/usync/ Frame 7A69 0
0 38ms
9ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 0CA5
Redirect Chain

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D56%26pid%...
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=56&pid=59c9148628a0612da3689288&key=0d8fb9a4-5bf4-4328-b09d-6405bf64d63e&gdpr_consent=null&g...

0
240 B

386ms
98ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=56&pid=59c9148628a0612da3689288&key=0d8fb9a4-5bf4-4328-b09d-6405bf64d63e&gdpr_consent=null&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT

Redirect headers

content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=56&pid=59c9148628a0612da3689288&key=0d8fb9a4-5bf4-4328-b09d-6405bf64d63e&gdpr_consent=null&gdpr=1
server: _

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame F8DD
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D52%26key%3DBUYERUID
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=52&key=ua-bd80717b-df6f-3255-bb19-50e796cb5837

0
244 B

93ms
93ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=52&key=ua-bd80717b-df6f-3255-bb19-50e796cb5837
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT

Redirect headers

cache-control: no-store
content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=52&key=ua-bd80717b-df6f-3255-bb19-50e796cb5837
pragma: no-cache
server: nginx/1.22.1

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 2A1A
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=cb4fe078891bf26e5cfe8f0575cc94e&_fw_gdpr=1&_fw_gdpr_consent=

0
231 B

313ms
97ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=cb4fe078891bf26e5cfe8f0575cc94e&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 02 Mar 2023 15:16:03 GMT
Expires: Thu, 02 Mar 2023 15:16:03 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=cb4fe078891bf26e5cfe8f0575cc94e&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1677770163108035-414

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame 0748 43 B
623 B 169ms
18ms Document
image/gif 2.16.107.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-130.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Mar 2023 15:16:03 GMT
Expires: Thu, 02 Mar 2023 15:16:03 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1677770163088064-429

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 74DF 0
0 68ms
10ms Document
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Thu, 02 Mar 2023 15:16:03 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame FF55
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D10%2...
https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=10&pid=59c9148628a0612da3689288&key=RpO7TzNJYnCL&ev=1&us_privacy=1---&pid=562704

0
208 B

97ms
92ms

Document
text/plain

3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=10&pid=59c9148628a0612da3689288&key=RpO7TzNJYnCL&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-68b8b6bc74-5xj9b
expires: -1
location: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=10&pid=59c9148628a0612da3689288&key=RpO7TzNJYnCL&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.50.v20221201)
strict-transport-security: max-age=15768000

GET
H2 200 avpb7.36.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame CDCB 202 KB
64 KB 24ms
21ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: d69440f62c2f0fa5dab70a4e5201a78f51b4a2cdb7ea6ba62d56152bcc19150c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 08:49:36 GMT
etag: "1677660576"
x-hw: 1677770163.dop146.fr8.t,1677770163.cds259.fr8.hn,1677770163.cds166.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 65112

GET
H2 200 avpb7.36.0a3.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame CDCB 64 KB
20 KB 20ms
17ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 507b637b1c4d256d43f0fa5114c1041d439a89e297853e91c95fbb2964bd6543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 08:49:35 GMT
etag: "1677660575"
x-hw: 1677770163.dop146.fr8.t,1677770163.cds259.fr8.hn,1677770163.cds336.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 20585

GET
H2 200 avpb7.36.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame CDCB 64 KB
21 KB 20ms
18ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 416d2349f28515c7cb5870cbe2d68ca856da606d52015ab39612fc342ba29984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 08:49:35 GMT
etag: "1677660575"
x-hw: 1677770163.dop146.fr8.t,1677770163.cds259.fr8.hn,1677770163.cds336.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 21150

GET
H2 200 avpb7.36.0a7.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame CDCB 63 KB
21 KB 27ms
25ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a7.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 8d3966c2e1d2a7c0de5769081e43965900eba0e8ddf878ebec64c286c583e974

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 08:49:36 GMT
etag: "1677660576"
x-hw: 1677770163.dop146.fr8.t,1677770163.cds259.fr8.hn,1677770163.cds336.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 21102

GET
H2 200 avpb7.36.0a6.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame CDCB 60 KB
18 KB 22ms
20ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0a6.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 8cedbc8dad336a37838ccda9b0b3424740198deac08c24095f5a57b0dcf3389f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 08:49:35 GMT
etag: "1677660575"
x-hw: 1677770163.dop146.fr8.t,1677770163.cds259.fr8.hn,1677770163.cds055.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 18462

GET
H2 200 / Show response
onetag-sys.com/vast/57e618150c70d90/ 818 B
801 B 21ms
10ms Fetch
application/xml 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/vast/57e618150c70d90/?placement_id=190507835&placement_type=1&encoded_location_url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&player_width=882&player_height=496&muted=1&autoplay=1&vpaid_supported=1&gdpr_consent_string=1&cbb=7770162994

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

407105bb114565e9fe044471b72463acae496e9eaf83f8048c864cb08681f369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/xml;charset=UTF-8
access-control-allow-origin: https://go284.a7bbab.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 465

GET
H2 200 track
track1.aniview.com/ 0
70 B 94ms
92ms Image
text/plain 184.73.109.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=go284.a7bbab.com&rs=go284.a7bbab.com&sid=51286&t=1677770162&cip=81.95.5.38&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=882&he=496&app=&AV_PUBLISHERID=63e26ea450153dfa9007b615&test=&d64=33e72196f994ad0f1c29c4edd5e657ee&d63=33e72196f994ad0f1c29c4edd5e657ee&aafaid=&proto=https&uid=1677770162771-994587376777-001192-004-009061&cha=0.7&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&d35=&d36=6.2.86&cb=76650822669&d39=&d65=&d66=8.2.12&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=0&prbdsup=whiteOps&d16=2&d37=realtime&pt=2&d66=8.2.12&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&cvid=&cpid=&str=external&AV_WIDTH=882&AV_HEIGHT=496&nid=63e26ea450153dfa9007b615&ncid=63e45f60d4c09df37c051e35&e=request&cb=1677770162995&asid=63e55c46552a7792500971c8&ofpr=&fpo=&ri=1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.109.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-109-176.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
94ms Image
text/plain 184.73.109.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=go284.a7bbab.com&rs=go284.a7bbab.com&sid=51286&t=1677770162&cip=81.95.5.38&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=882&he=496&app=&AV_PUBLISHERID=63e26ea450153dfa9007b615&test=&d64=33e72196f994ad0f1c29c4edd5e657ee&d63=33e72196f994ad0f1c29c4edd5e657ee&aafaid=&proto=https&uid=1677770162771-994587376777-001192-004-009061&cha=0.7&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&d35=&d36=6.2.86&cb=76650822669&d39=&d65=&d66=8.2.12&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=0&prbdsup=whiteOps&d16=2&d37=realtime&pt=2&d66=8.2.12&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&cvid=&cpid=&str=external&AV_WIDTH=882&AV_HEIGHT=496&&copid=63e26ea450153dfa9007b615&nid=59c9148628a0612da3689288&cocid=63e45f60d4c09df37c051e35&ncid=63e5061b36288e91600ffd94&coasid=63e50670baa306bb0b0ce1b4&e=request&cb=1677770162997&asid=640066b4485a4310c601a725%2C63f724325396f3ce03062126%2C63ef3d351d4d5c492e0e302f%2C63f60013b19c4ff632077704%2C63ece8059e822e18a70b9d45%2C63f60f2e24a6dfac1e04e1f3%2C63ee76f6b0840224bc0040ea%2C63ef3d030574ed79c70c6256&ofpr=%2C%2C0.3%2C0.35%2C0.75%2C0.3%2C0.25243%2C&fpo=%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.109.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-109-176.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8379 624 B
245 B 51ms
49ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNVXeAlpc3ik5k_wyvyiHAxxbaqB_MZazsPM8YjK8lIspmNnynA_xAJhEDvT2lcX1LrH4yWDHUb3i8bn8Hf6SY7nXtr7BRgXXZOHcUicBZfyBED_UYYJVmpbJlo7QTIAymdPvDs-ZdQVny3pWSFU0NVm4gf2BQkMUSxXBDBDICpBOpisoP0

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Thu, 02 Mar 2023 15:16:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B7CA 78 KB
27 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CA 42 B
63 B 110ms
109ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Amb63Z31mc3tc8CNE0YxCwxyctvNBC3fRpI6paBodJaaqw6DgqphlhXL3aq6HPgbg5Bxin2Ed81NRACzFH-VcsqFiiGqbVCdygDQYR2clJqh92tyA

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CA 0
20 B 110ms
109ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5239219827217091485&x=1&ct=76

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame B7CA 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame B7CA 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7CA 158 KB
49 KB 84ms
83ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9DE4 640 B
265 B 46ms
44ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNW_PEeOxfJrqi1mPNRQeEtdtyx9tJH412RceoUToxOywRogX7eVZqdpnGU2H3lAHbyHICWTM--8TLNGNjg7xNZn5GOc2do6OYQzgpCbcHEnOQClMlk-66Dsh-UhGAiNxPLYo3Vk2YKzmfdArXTL_OHtGLnXzHRV5s8oVgfk8hNuHFfNV0U

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Thu, 02 Mar 2023 15:16:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 721B 78 KB
27 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 42 B
63 B 110ms
108ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZt-vIsAbVwc5-n5lEmEbjlXVatXJuZqJ7qj4H-xJ067sQ9n5VKj-cDz6cl49Fja_VwYuGfzDagkdJEC4GvRC6jPBZ_AyS_DvfKipt7Cj7F2rNPqQ

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 0
20 B 114ms
112ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17268013060971101298&x=1&ct=76

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 721B 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 721B 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 721B 158 KB
48 KB 124ms
122ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D3AD 624 B
245 B 51ms
49ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARisge3eATAB&v=APEucNXgkDeVIiLzs9fsLxwEWt0YvpsFHuaMm3ufZCzw-NrAt1WnF2chZ2HNN3GZTVNJBeb-sR6w4v8YVI3sJyGaOTmg4A2RWB7N19vkXDAepmiPQLq-788HuQfZwa5CFi_nbe4hpxyH05RA1nEoFA80gS1On6-B0PHBASXoUoWn7mqIdMFtQd4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Thu, 02 Mar 2023 15:16:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ABA4 78 KB
27 KB 145ms
144ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame ABA4 3 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame ABA4 20 KB
8 KB 23ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABA4 158 KB
48 KB 123ms
120ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABA4 42 B
63 B 112ms
110ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Akrd2xLxatJ2ELVIMb9d7S6huvBcBU0g-7VGXqpnn5JZTUaNT8rFLrW7-bsqNK-27DSeRP6RU3_Eb6tV3-61rgffVRDgGG3nMhOJ8IicDRbXlbvuo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABA4 0
20 B 116ms
114ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11846592105525068804&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3969 4 KB
636 B 46ms
45ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 13:26:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H2 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 1E87 10 KB
4 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 09:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 09:18:02 GMT

GET
H2 200 164715e9a72d7bd173c872e14587b581.js Show response
www.gstatic.com/mysidia/ Frame 1E87 19 KB
8 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/164715e9a72d7bd173c872e14587b581.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0093df26b73c46a3dcb4faa9d4601fbd0dc02daf3944b55d80e26453459665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7929
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:48:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1E87 8 KB
895 B 51ms
46ms Stylesheet
text/css 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 13:27:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1E87 2 KB
765 B 28ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:42:40 GMT

GET
H2 200 e9aff91b4641aa9f021dfc8c8beac945.js Show response
www.gstatic.com/mysidia/ Frame 1E87 6 KB
2 KB 27ms
19ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9aff91b4641aa9f021dfc8c8beac945.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2362
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 06:37:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 1E87 22 KB
9 KB 28ms
24ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1E87 3 KB
1 KB 54ms
50ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1E87 20 KB
8 KB 29ms
25ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E87 158 KB
48 KB 121ms
117ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 1E87 34 KB
14 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 05:29:23 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 3969 20 KB
8 KB 33ms
28ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 21:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8556
x-xss-protection: 0
server: cafe
etag: 12004167960083760723
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 21:21:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3969 205 B
518 B 21ms
11ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:39:36 GMT
x-content-type-options: nosniff
age: 9387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Mar 2024 12:39:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3969 604 B
694 B 21ms
12ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:05:10 GMT
x-content-type-options: nosniff
age: 653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Mar 2024 15:05:10 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 9A5A 36 KB
14 KB 33ms
26ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f42a17e29b3236e6fae24606eb104415b27f9a89c0991f0d1caafe3a8570d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14353
x-xss-protection: 0
server: cafe
etag: 5968125532832418021
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 11:42:13 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9A5A 24 KB
6 KB 38ms
31ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 14:11:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A5A 158 KB
48 KB 94ms
88ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 9A5A 22 KB
9 KB 42ms
35ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 9A5A 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 9A5A 20 KB
8 KB 46ms
39ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8379
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNVXeAlpc3ik5k_wyvyiHAxxbaqB_MZazsPM8YjK8lIspmNnynA_xAJhEDvT2lcX1LrH4yWDHUb3i8bn8Hf6SY7nXtr7BRgXXZOHcUicBZfyBED_UYYJVmpbJlo7QTIAymdPvDs-ZdQVny3pWSFU0NVm4gf2BQkMUSxXBDBDICpBOpisoP0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 15:16:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8379
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAC9s68NJNXeEjFsaQooEgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

43 B
766 B

12ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNVXeAlpc3ik5k_wyvyiHAxxbaqB_MZazsPM8YjK8lIspmNnynA_xAJhEDvT2lcX1LrH4yWDHUb3i8bn8Hf6SY7nXtr7BRgXXZOHcUicBZfyBED_UYYJVmpbJlo7QTIAymdPvDs-ZdQVny3pWSFU0NVm4gf2BQkMUSxXBDBDICpBOpisoP0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 15:16:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8379
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1

43 B
1 KB

49ms
30ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNVXeAlpc3ik5k_wyvyiHAxxbaqB_MZazsPM8YjK8lIspmNnynA_xAJhEDvT2lcX1LrH4yWDHUb3i8bn8Hf6SY7nXtr7BRgXXZOHcUicBZfyBED_UYYJVmpbJlo7QTIAymdPvDs-ZdQVny3pWSFU0NVm4gf2BQkMUSxXBDBDICpBOpisoP0

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 15:16:03 GMT
AN-X-Request-Uuid: 6448ba4b-e164-4a41-b43d-9edec85228ac
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8379
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D

170 B
232 B

49ms
43ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 15:16:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 71ef40a4-ac0f-44cf-afbd-c31a072ea7f1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9DE4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPUBwIdujsDmYuyNUn_Slj0&google_cver=1

43 B
114 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPUBwIdujsDmYuyNUn_Slj0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNW_PEeOxfJrqi1mPNRQeEtdtyx9tJH412RceoUToxOywRogX7eVZqdpnGU2H3lAHbyHICWTM--8TLNGNjg7xNZn5GOc2do6OYQzgpCbcHEnOQClMlk-66Dsh-UhGAiNxPLYo3Vk2YKzmfdArXTL_OHtGLnXzHRV5s8oVgfk8hNuHFfNV0U
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPUBwIdujsDmYuyNUn_Slj0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 9DE4 43 B
304 B 168ms
24ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNW_PEeOxfJrqi1mPNRQeEtdtyx9tJH412RceoUToxOywRogX7eVZqdpnGU2H3lAHbyHICWTM--8TLNGNjg7xNZn5GOc2do6OYQzgpCbcHEnOQClMlk-66Dsh-UhGAiNxPLYo3Vk2YKzmfdArXTL_OHtGLnXzHRV5s8oVgfk8hNuHFfNV0U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 9DE4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEo3g3AdIDvkTAOKZacyjhg&google_cver=1

23 B
172 B

57ms
57ms

Image
image/gif

23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEo3g3AdIDvkTAOKZacyjhg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNW_PEeOxfJrqi1mPNRQeEtdtyx9tJH412RceoUToxOywRogX7eVZqdpnGU2H3lAHbyHICWTM--8TLNGNjg7xNZn5GOc2do6OYQzgpCbcHEnOQClMlk-66Dsh-UhGAiNxPLYo3Vk2YKzmfdArXTL_OHtGLnXzHRV5s8oVgfk8hNuHFfNV0U
Protocol: H2
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 15:16:03 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEEo3g3AdIDvkTAOKZacyjhg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9DE4 23 B
172 B 162ms
58ms Image
image/gif 23.203.125.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiBhe3eATAB&v=APEucNW_PEeOxfJrqi1mPNRQeEtdtyx9tJH412RceoUToxOywRogX7eVZqdpnGU2H3lAHbyHICWTM--8TLNGNjg7xNZn5GOc2do6OYQzgpCbcHEnOQClMlk-66Dsh-UhGAiNxPLYo3Vk2YKzmfdArXTL_OHtGLnXzHRV5s8oVgfk8hNuHFfNV0U
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-36.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 02 Mar 2023 15:16:03 GMT
pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6CBE 0
42 B 179ms
13ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43840827&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-length: 0

GET ads
googleads.g.doubleclick.net/pagead/ 0
0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 894A 28 KB
28 KB 24ms
23ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 82554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:20:09 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D3AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

43 B
766 B

20ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARisge3eATAB&v=APEucNXgkDeVIiLzs9fsLxwEWt0YvpsFHuaMm3ufZCzw-NrAt1WnF2chZ2HNN3GZTVNJBeb-sR6w4v8YVI3sJyGaOTmg4A2RWB7N19vkXDAepmiPQLq-788HuQfZwa5CFi_nbe4hpxyH05RA1nEoFA80gS1On6-B0PHBASXoUoWn7mqIdMFtQd4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 15:16:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D3AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAC9s68NJNXeEjFsaQooEgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARisge3eATAB&v=APEucNXgkDeVIiLzs9fsLxwEWt0YvpsFHuaMm3ufZCzw-NrAt1WnF2chZ2HNN3GZTVNJBeb-sR6w4v8YVI3sJyGaOTmg4A2RWB7N19vkXDAepmiPQLq-788HuQfZwa5CFi_nbe4hpxyH05RA1nEoFA80gS1On6-B0PHBASXoUoWn7mqIdMFtQd4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 15:16:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=493
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPQSdXFbndERH9Dc7VfTaTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D3AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1

43 B
1 KB

51ms
21ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARisge3eATAB&v=APEucNXgkDeVIiLzs9fsLxwEWt0YvpsFHuaMm3ufZCzw-NrAt1WnF2chZ2HNN3GZTVNJBeb-sR6w4v8YVI3sJyGaOTmg4A2RWB7N19vkXDAepmiPQLq-788HuQfZwa5CFi_nbe4hpxyH05RA1nEoFA80gS1On6-B0PHBASXoUoWn7mqIdMFtQd4

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 15:16:03 GMT
AN-X-Request-Uuid: 092a0ed6-e0b1-472a-bf09-1288f768b076
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEItxM_rNQKkzt7TAoeck8YY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D3AD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D

170 B
243 B

48ms
47ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 15:16:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0be511a5-5392-4952-aff7-9adc06a81aa3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMzNjQ2Nzk2MTM2Mzc4OTMyNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame BA38 28 KB
28 KB 28ms
27ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 82554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:20:09 GMT

GET ads
googleads.g.doubleclick.net/pagead/ 0
0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CA 0
20 B 110ms
110ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8916044184082&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CA 0
20 B 109ms
108ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8916044184082&version=m202301230201&ct=76&x=1&cor=5239219827217092000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B7CA 88 KB
36 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq5sIAz2OS86PX1v6IVdR7lgV4oYVY8MvCdTFXvQ6WJ7Nw_4_P2ZU_rmBUG8krqi7POFEbDKzxa6HrjDddUWczsGkCOSKGb9_Zs_QAgKmjGiW4N6s&cry=1&dbm_d=AKAmf-Dca4EaXemSpY3bgGsYt-JstDBoOP3XK9Fc1AhgtfwcrWe8-vVfNYb38Q6WqUV4FBx0G9qBBbkvkRtnV4tD_gVOSbyoJcf1MPBZXHDxQzLBulsXHzXJS-Bzx6mtCTWcZF4Mv-7Vat0XTWQCX6kCrggDHk_5OyVkre8hSNDJcMTuXofHsO-WCKZ5gX9rvC8zLGQYxLP2tH3pmCe5zYz1Bk_04ZhqyYeTUtko8fQll9_vpDpgANOss0c5nVkvplS3bXyX7SWsTsth2Ysp59NO9kPWqrLd6JQZwGZZR1_wFgVxV6mnGQ19qBmNhsnRXADxNFfDO22-qzmOMVtvHKOVWuRv-7A-wQGHou2SoKCCpXjCZwggvQ0hrILAm-hOiz3AiVrbzHFTAb4N_O-jFJU6gE6L1KR-ZlaUs2g6OL3AZOfQRR88N6Q4OvAY1tErRJCN0EqPiG_VV3hd63n-EBsAAwSnGdPT9Y3vNj5lv_eDAgAPhjrExqYpa6_C32O7ND65F6NUIykZRa-C6ihoOqnDvfi11Kf40KP5ZxljMbZ2jpr_dui-a0olD1VRK6yPL9iFfsxlR26FdQIoGiWe2k3L2eIlGkNO8CigNbUDqOl3Xn_zK74i7DItUBA6HVeUvVHV3GPs-It_QiviS5INz82DL8HkKjV5ZnSTaHQEHWRCY4Xa1aB-D3lYCv-ShdywmPeXA676ICo8SuXz9iRfbuUPY1CQIrxdtu9L48BFdkpehwdI7AKGL1yu_A64SNpOUrjQFLAK7GJVyZbMx3GxlI_4k14umfgGyoSRkKKQbqm6oBnpdr-aOSyiU2ZVDme-rnlzGYs2FxULzAqJUIkfPTpHCJnQYS0-rhgGVMXmrqJwEVa2qtxz4IxlXMF_e5E3-D9bMUPrxFLvxyV1SyoAxDZWvGJotxNfgI0suEd6WFcE-kfLpTJV3jW1hRfV7iJSWoPGimLX1J0SA01o7XIkb3QcYvyGXfq5RcmcWGBZ_IzXtucCTDWlr1A2EfTJdILs7ExOyVGGIqsLY_tw3ShLAAOi19CYheNI-CKTiGDGddPrxphAt26zfik-8gmj341MlwUEz3svhkYj2ihkvtcSz4lzgJ0zFYVeQ0vnk6sLZyaaFXVIS5uPu5tPbzrR3QdmaMnnZ5VNuBnYlv0VaN0pTz851fy_Yjk0VJGzG13UksfNdaUfqflnWUDuXr61CueV8b27yViPxL084newjCWrCmiHFxN026lEu_3yzzARSH4T-oB1QT6i1X-kA6vbr0ItRommbFXcvfJgsu8-berPO2iUYveejEUTHG9v0oBQ-Spm_RDe5C4_7At1VBi7rkGCKGT2qQKuDm5G6PnRg-ub6zCTQlHmYMrX7WBNxofPGcHkoyZnmkzZycuiZEaQNXOIycVh4V_N5HqarWQZOgY6GdK8-S0gyS5WeSNHIsfnJE4hI6ktE7aokf5MHnUko5USVHO2zIIWVBisYgykqD8zO3WThJaWukFOHMPBjZ-gR_Te5x__SHZVfq1-VwYge1fW6daworwpnIQ4Jd9vaHryLtCXr2vqqt8kqs0mbreYkrAeJOw6uiTNliwQWg8TTnlJJigW2-6ALG8rpaZcZmseLPi1lGjDEjsCN5kS1pu1HUf7jaCBnnDkNyBsCGS_qw7pHBj2PgMxeFmT4tsHMY6zj7N-qB762Z65meSBPiLUTDMG__Mov9nIDPG_cRsKLXa0CFoIcdMsCGvuGKE4EGt5cmJWXC9wEq3PvaTxy1gh1qTV-CcBeudEKr01Rm6ldoVcwyjZtTP3v7RmL_az7Y04Zym2Gk-HDSWFVHztpagzU29i2W0OqIrAL4G6cmN_eY_zwuwwL0gPiAXYSJrwNTxpYOKVaqJay0Ra6rGo5xuMQVoecbW_yVJAw8XzKZK8YT6V3SXBnr3JrxdHEvMsBXDZEoqbW-ziRDXqOjhSc69VmjyMYnftEeeDlbrPM4K152exMrDfMxHXIRm1klUvPMGl5uUV-jqJBK31bs5PNRJdFnBlF_LOmI6Qlv5ajdgZr8xuSfm4j7RnYl3a7fLzRwk2r2YoM4czUtFrvaV3ZZtT5wKmilVK3wxl9KlVNZkjVpo7qxJrXKZ2xXm-92l2jnD042MrShMriESQcGo4Fz3xjedE7wJGiMxjyI2jhQBMnVtjbnsLqcwK_dNhicubXMT6Lrk6HDZW9PjzcJCNpvNkIflyIHjTThEDF28z-UWWqihl9GAvc30gQYKv5jO1YWKzwpbCNlZiD6TXiKmBTXIqP5xbO6w_H8HPZ8Ni2bGk_2z9Bm8x3bGJrXLVU5Xl6AZsBHh-2HUaM-Rk7rN1onhxHG24OzYnRQmWXg8j2L9Jp1OXKpFOCE4ghbtQnGma4je22ZTUJxKID1E_13Zt2w_y02I-YL1HBVSTF_rCp8jvie0OswMm0JQg78XWp2CT_C5orlX6Ks1BayWhbgJkEq_u9HMZuiajulsSZbOXQ5qM3ueBSdm6vSzfgCsX9DSSq3Umy9kTYby6zFS7WI5h9R6NY9xs4aPBlqnoVp0Td9mWSPMVzcUaLpOI1FsUNb9bR7HhngvZZZy-j3CuOHZPmszaFWXI4eRRCWNVhsUuwnDQvypE3JGdG61AoaC1LSWuwAFx32aSNXnd1Tf4vTNG5QavTvMJl_VKrhdVEZ1n60RmMb-AZATMIUXpQm45QmpiDvcHLYKDxxPMcu4OWfelPvmnSL6Xpvs-yRwkiEoISMrs_b7jG53dtUGxpDP5yC0mIr7xE_kLx4f5EH9U9WQazfNASreUMMN6YAUXPo_ngsAO0q3namL_20xZQeVKMsJBFUW7GMusZplaQ11HLoKyrXDVDS2Fu5huc82RqSmWIJyiz93xPy-UCq9QR0ft5GtbbuJGqahbLDjc8FSwNUGNhEHm_O_U5zleihny3SLVBJ_DyB5UHqJnQTMpxYKO_RKMtBpYaZQfNcDJWWsGu_LErZwHmnYH7_R908JJpvVDkBFuhji8AxNuJbZuXbiMbCbbVln8aZRinxcEnb5DVhRVRHe2nEEwSqcEDV6Ccib_vqiFG26_QfHBbMc3K4ayxnXDB-Z2r81enqkg_kYNwnt9jDQpbHshGbtteZpFt5z1dSb4T4v8TeQLuAz0_nYhA5numkMHgLcEK6HN66aOIgoeO7B5zFxIzfBy87ux17zUe5lC5pIhNuAnoXGyp3k5N2BOtJpn2xIaw11A7I-fRTP_lkOCr35Gbt6k_CROBu_9FTYo8L2wiP7jaEXOK_-fr48kdzj_oLyJqHyRAKQ9Udl5E_UD1Z6kBV9eOKEbHnkp8ZfyyEIJJkEBOlr9DL9-0I0x21Nu7ODv42s1uxB7UBmc1Vv0slThRZ2jJ7JVRGUz_kJd4Q-znkQ7UxLHDMVYFQmggmbJ5rlaKLg4vqtlLs7xwIwlL81GnxkjFbwQf4crnKMYDA35V4q4m2-HIrRRsZQHJ_cjiBEvVraFCk7rF8IJwI1UUqZaIKtWgnXqeT7xHzh9H8w82UvR-5kEqejOX2uDIObf30s14KmHFuw-5OXheNBJWCQuiAj_xJN0wYvjB7WlD_rI90OHjRa2AZ6kwwH4-rvF5bY-1tzWaGdU9kara12wwHZReQtsPDNhJNBuBUZOmOjQklky49dzW6C6SalS4wWmS98B6TaZMcfLS73oLl7Az5vHQSSeZBT_qjTDPVYg330qrIYJ9OwRQAbP&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgo284.a7bbab.com%2F&ds=l&xdt=1&iif=1&cor=5239219827217092000&adk=2086295851&idt=124&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733aaa413a7424ac029dddb5539186cdce36af645e4abe38307b684cab58df56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36836
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F435 143 B
166 B 8ms
8ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
212 B 84ms
21ms XHR
text/plain 52.57.130.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=15013&adtype=video&auc=63e50670baa306bb0b0ce1b4%7C63ee76f6b0840224bc0040ea&w=882&h=496&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&l=en&dt=1&pid=62133&requestId=282c580350231&schain=%5Bobject%20Object%5D&bidfloor=0&d=a7bbab.com&sp=https%253A%252F%252Fgo284.a7bbab.com%252F15198%252F2021%252F%2525D9%252582%2525D9%252585-%2525D8%2525A8%2525D8%2525A7%2525D8%2525AE%2525D8%2525AA%2525D9%25258A%2525D8%2525A7%2525D8%2525B1-%2525D8%2525A7%2525D8%2525AD%2525D8%2525AF-%2525D8%2525A7%2525D9%252584%2525D8%2525A7%2525D8%2525B4%2525D9%252583%2525D8%2525A7%2525D9%252584-%2525D9%252588%2525D9%252586%2525D8%2525AD%2525D9%252586-%2525D8%2525B3%2525D9%252586%2525D8%2525AE%2525D8%2525A8%2525D8%2525B1%2525D9%252583-%2525D8%2525A8%2525D8%2525B7%2525D8%2525A8%252F&usp=&coppa=false&videoContext=instream
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.130.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go284.a7bbab.com
date: Thu, 02 Mar 2023 15:16:03 GMT
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 13ms
12ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://go284.a7bbab.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 23 B
239 B 261ms
10ms XHR
application/json 3.123.121.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.121.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-121-27.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f756544bd7dc1b1638110909d68b953e541b907ab09a2da9a4b8aa5926e2acb8

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go284.a7bbab.com
date: Thu, 02 Mar 2023 15:16:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 48
content-type: application/json

POST
H2 204 prebidvideo Show response
ads.yieldmo.com/exchange/ 0
195 B 242ms
38ms XHR
text/plain 54.195.241.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebidvideo
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.241.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-241-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go284.a7bbab.com
pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
195 B 100ms
83ms XHR
text/plain 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://go284.a7bbab.com
date: Thu, 02 Mar 2023 15:16:03 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 244ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://go284.a7bbab.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://go284.a7bbab.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 02 Mar 2023 15:16:03 GMT
server: ATS/9.1.10.25

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 64F3 36 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H2 200 14226682056377841236
s0.2mdn.net/simgad/ Frame 9A5A 368 KB
368 KB 130ms
49ms Image
image/jpeg 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14226682056377841236

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc495986f8b1ef9c657cba9e0ca59551080838d525ad9a3bb949164dab681d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:42:23 GMT
x-content-type-options: nosniff
age: 92020
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 376768
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 08:49:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 13:42:23 GMT

GET
H2 200 10848439780920780941
s0.2mdn.net/simgad/ Frame 9A5A 48 KB
48 KB 101ms
21ms Image
image/jpeg 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10848439780920780941

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c6b077eaedd51e73b0d8d6728f47261efe4a904a77a4fe4e1fb4be24cecfaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 14:31:28 GMT
x-content-type-options: nosniff
age: 89075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48660
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 08:49:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 14:31:28 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A5A 42 B
63 B 38ms
33ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWy33EZbGsnZavroPZ12GiDu5ZX6OdnS6gzBHJZmJrf_4GgeQBBUDcyELOic6q8ygXT6x7QBmfuRv9LBhLS2-ulIaljxACARUih7TAN02oDgKiapWM19FXCGtLiuiaSu_zE5_bvVMzUDHi1VfLWpAK4orhtQ&dbm_d=AKAmf-CgkMTwYvQyOerTigUtTbAOnDpBATSNTCc13OSq_ceBlSRn52HrA35-loCt1a5B7H9N2beNCPNU66MiVfGLP9geQiAaYZ-5SGfDwDVGM6gS2UvGtS1LVrn_YY66cLw_IDUn9xRepduyy1nb03e8MxWP5vofMAHDakRKl6mBbNmyXGQrwQSoeUGM9rDKetCABt4k7yLOjl0tBrNDdkLXSymIL-PhKDrm-R8bXPHUpucmNIGEqR5IqIeIeBxxrdCcYOoU8g6f68Y4i5D9e1jq8o9AFbHtzt7FcE9-pVsnGUs63T8VuftqBuA0DcQjlngtkaoB8zarih3YUoOjuxNeyoBWmdvt60eW3RvbGLppo2U0pdNNY4Oswb8S2UCsLRcRHF6_DKf295oF30lxGZegzEBUTwbOs-C5RykufGYiYft_viWKDBgh-haG5-oxNaPcDXROkdiGdMTDayZL-YZuz5k3eJl8D9PD3SGWb_WNr772TBjikBOD3rqNQda10t51Bi1N7IHM1KN2Jav96dsNrNexuKqpiewqXfbg0ZE8CB1ABYXbWE-6Kub1nRErgY9G7V8rGNB2poxfUMMQWQhmIkQ_9RpPVnWVfH5g9EjlX0oePxPAVovqkBiXJbQUOZJwNKj6aLOPkPhiNIXt30UdDvJNkT38jOplzkx8mOvf8QaFqEinCu95fKixaqmpaaKWCqxRmSaF0Mw0ttgeLZ1PHLXWFSoBEsuWqBQ6pwmMlD8bKLuyrPk8pgqLfUZYX1cVx94sasEAbNlmH5245pkPvFdiHoLhnmaA02wSuHpbF-rIpxmcsf4khi-Q64T7IE1d9izZkMXBC-qOWNNItwTl0CDoz3Wh1UVwsnT72mGm4kpVFqYecdzlS1X1Hqc7YsnsoLkmPqH2byLYJJXf9B7hctK3EglPrie3z4XC1sgpPpjRCj5pfqKvw8QFqatHpa3z0GKi0QIsJ2LzLlU9r_zjF9s0F2wonl7wquXJECTCMonlKLeJkfMddNhpwUWRwvJYNsCEbApRA4Hj3Z2esUOAerYspmzyFo_2y6-aTpnnQfqJSrQ2NLCnAZjudRbX-57ulrP8ClmSLixyqq1lc42w_T54mQKYA-cb4jxN_QUzuMZNUVyK4kwwI8lgnpncVaHwhzCj07Vj0FkBH4GL1d4HTCfw2tBtv6SVDU8ZPOzGIJHRuGTvd2JmCxU7yILfF9fBaE-MD-kRgN6KUOEwcuD-uU7bjIrNUnhIfEPJWeI7t2irTHAH-0CRzbRI26O9eTDs035FwncshRhXt5rOgFb8hQYwkRe05Zi7Kkh5YusJKrmqz_5oomYwRNihchx17iWB06wt1aC2nG2C_bzxpCAXO11drsgoCDxX7jm_76BflYW1kZadCcEbBEo4FXzfr7DCNr8mcj0M9MPo7txNe92d8RftHbS8HCFDDdgbVddI8f99FsFsaRxrjt29KqEmop2jwoyvpO22a_LSwqgLHd8pL9hyTrXCw2eIsJ0wHP5SmY6Q42oWSG6Ff1MXPOQOTJLMrIf8RwtlyVPRrMNG33LNjCEgh752Oldm62zWzS4pHT69qHiVDeYxORDvEmAt21h-lN1ijnUlg2jtAyRZnDYp3n_hWWTa4wTCnIYo5CLgYbE1GJO45feRmaa2lUFffmT6P4oERAV8Pi9f7QOKo4CDbkftgJ9bnPy1BeIQdAlMxpgnTtpaR65DaYtQT-WL1d4cTm3dkGXarWwA5MUbmEzFv6sKQ6G-f-g0yCuaY8nyT01TMegO_JOGnBDcEDornD-62A2x4EyruMXA4sof1G88KVMvJSrfyWNLQkuCj7vfGy1oJm-yZ_5p4PDtbiAn9TUgshEQicbqOBBor-A7_Tg267HN-LX19kfou5AVH17ohDhzvSmI20evzmqAp2YQD-iMwO5Hba6i3criqNN-VjvxGG_9P1KSWbdoA4IedQsiL9VnR6xlLQuchhYYhmHvcb_bTqCNeCYqxAzNkY0wUiWd0iSG4AxYDnZ61wGaZG1SHUXSvmByIrMug7Qg1k0cwTK3E_Lw-SZVAAfG8wQjT9AcRxFIJ1mGHbAPn-PgpxxNetgH52qYJx2661YcDnNVjD2pBKBpwfgguGucfBBiNksnQZqwNAKio3VGYIHH9CUmYh-nwxfLW_6M4jGsRny8n00ighfbWldvqCifSdUpc7kLIaVZqcNQ__7ymQiabUdtOuMRsS35X_w4fWocrvAOZPGXVQJ3kIbHj6zMevvM3gnHkQGMlrm7roKMDZybeXzdRUtZZRQn2zJA3EJtmKQKcMuenfCsJQvUvRszW-vCAPQSXe4y97HY4dbB-UKPMVGfdqVbjULZkeEjlvsnzMy_uBCRcEfmh0D7AMjrL8vJ3iJyPZkgZUJrSz7p0hVQLQFmJ22wFOdKuSScKjB7ds7n0t4sVSkPpGEEyiD2WUrDxgX1Cfwylgs4V-Nz2i6RJ--pukIflecMX78c-dA8f-pqNKL41fUEcio2csK5rM3p0pJyMYhA6BBMDDNY8mS5K4ZuQPfDjH3na1BpxFYMer8yqqnHAiWiyV5yMXEylhdSVOeahyGZqsnGCH5h1Z5m8unTaOkE2o-dFvqC5ua7bIXudlLKq3CzgZPSUuK2qocBl7E-RpI0Ggtfra-ubKdFZX5Li8GnbPWbmM4E5QDHiGY48TFsmILmMC3uDhhPmEAreUNchtBZSynHDGttdVSdOMQFbGN5ScKLkWzPMMpw80LzzgZHH9Xjfs0qRWnLaRsrymhbEAxn_rPL3SiHK-pL2T-H2iqF21Ikn1UdckeuDe30LgYMTRiKN2guQRBMRpoDeEmMWykb2JnOlp0gZljpMKv0qvq5hMr6F0WuK7EV46NkCIlfJIox0TNUGZq74-0KaX26DUU-K4q5yEZaspaNk_MI7_-CSjWJ6u7M-qe6gOM4nVziHWOmKTwP6Or8TYmOOTGFiqAw1K_RTqzNI8rUUvv_7sstW-4qul_HU4Y_BY3TO2v7W31YbM246N5tas-AE0oCAsrgtZHIF2GaBYWM6U2IbeVSp9Cgqwtbgbk7Kev6VOdzUw27sKx-VeqxTn7NYAJiKzFFCkbqLkskJ9G3WbJAoyQ9yxmXsHr4s7vsLrpBJ5zAkHJgIhmlCxlnxMG0K1x6NxNSwIzKQGllBA8k-EVALQ42T3c0VtyQlaZ2lhwN75oO8YXYT9FRn8IEVOGxBCALmo6QCcP1mxl0wz2hiWhgIfI4Y7w77tQmwaFY39mIWBY1TPXqsb_K_cjq-baKBcRbFynswJhqjWc1ekJ2i491DxNWcaiKY1wcgWcSNsBz40yzXL8mwO6xFC_nDsrGh_4hLq-iq42SGLyR4mAuwY8fT8HWhcojKbTySfmSUtzIe2OV73KmWwwL6ZEMpbNCwA__92sdz0oZQ6V9Cb3X8pUvmUhRU27tY50G1F1U3KSLJZ3BBU3Unr6rA5GUwI98bB5HEk89pZyxrPTtEKP8P-TWP4PUTlO6CUoUykm7pz_EKoimVqxUoHe8Lq0ypQFjndAo4PSTEX7o76Kja8ljaAkT7PeUUV3NQVKbC_nZIjPqVP_6hfiDxpuMyfYtCDU2cCn21RnL18BlLXajIWYXdreei4nddQnKCcBe08jsAYsVYy8HHyycsegPIP1ouIjLoJFuleAF1WOmwUv3CSAoeQKXMr3uyuoKxHkUoTBQ3GLCT3qNiwteAFRzCxHupt0AxEIEvJXcafedy7lxdlZlAC3kLsU1W5FzBg_ThV8iSRxEjXBoTlZ7O4RlaCEOLbDUHkPwNqTMaA8RUSUzO9DuhHAA2jifUn0L_ufNZMzXrpQiNUx60l4v3_cFJuhPQ_ct07xR3IVE6YtQT26RsL8N0h82JM-zPnnYS6o&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&dc_exteid=1081153650625432279&dc_pubid=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B29108248.360383210;dc_pre=CLbq6_TEvf0CFXDwEQgdPAYEug;dc_trk_aid=551400027;dc_trk_cid=184439416;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N1879091.4717738DV360-PR/ Frame 9A5A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1879091.4717738DV360-PR/B29108248.360383210;dc_trk_aid=551400027;dc_trk_cid=184439416;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N1879091.4717738DV360-PR/B29108248.360383210;dc_pre=CLbq6_TEvf0CFXDwEQgdPAYEug;dc_trk_aid=551400027;dc_trk_cid=184439416;ord=[timestamp];dc_lat=;dc_rdid=;tag...

42 B
118 B

54ms
54ms

Fetch
image/gif

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1879091.4717738DV360-PR/B29108248.360383210;dc_pre=CLbq6_TEvf0CFXDwEQgdPAYEug;dc_trk_aid=551400027;dc_trk_cid=184439416;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1879091.4717738DV360-PR/B29108248.360383210;dc_pre=CLbq6_TEvf0CFXDwEQgdPAYEug;dc_trk_aid=551400027;dc_trk_cid=184439416;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9A5A 0
0 50ms
45ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvsn7sb0AZJ_pPIj-7_UP9LC_iA7-geuib-aIu8OSEeqf3KDUARABIKzHux5glcqogrAHoAHDjKOMKcgBBqkCri_P9q_OsT6oAwGqBOABT9DPSrjqNU8vC81Uwi1dIVrJp3K1yqsO858XFOMc8daWCrlaHYKBEZU1jjkdjHmoVy9vudaAxxc2Fw-urlymRDHqVp26xCx8g5bSR70n4PyrreP6igUYViO-JG_rSk6dTF7DTJP47LUwlag8pcWVgkEkf9D_QVBE81-ixVcFhfuAtTk9Hp4S5wClvQH38yrc95DflKVZcl6OBaexYGaJ1meD_eGIeDfEs4TLdngSdVMFnGx1i_JJtNS-5tAKsrFR1EoOcS-W9IYo5ZgttgSgVXsWg079UoQ6YfZ7WkVptuHABIeiiIWnBOAEA4gF8suctUeSBQQIAxgMkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfDxPPrA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKELz_chiLvIriAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBPs77cSyBP7scrhA9ATANgTCtgUAdAVAYAXAbIXHgocCAASFHB1Yi0xMTA2NzQwNzg5MDg5NDM3GMKbIugXAQ&sigh=c40q4Gu64BY&uach_m=[UACH]&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&template_id=509&vt=10
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 4B74 0
91 B 58ms
19ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 02 Mar 2023 15:16:03 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 050C 33 KB
10 KB 20ms
20ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1c0830e96dc0c59c5db68e1a263182f1bb76341463a3a6d86e6d4dbe45e88b99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 15:16:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Mar 2023 14:29:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=83626
Connection: keep-alive
Content-Length: 10006
Expires: Fri, 03 Mar 2023 14:29:49 GMT

GET
H3 200 container.html Show response
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E83 6 KB
3 KB 25ms
23ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:02 GMT
expires: Fri, 01 Mar 2024 15:16:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4437207226744&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4437207226744&version=m202301230201&ct=76&x=1&cor=17268013060971102000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 721B 88 KB
36 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCRN22y0s4ih0NcuMs6NdYVYa5TF31K-Hr2z4e7H2uW_GB4n_4sWmDJuhpisfkjHDSQmVjQ_kw6VWPSi2W61hYRIov7k3Wcq5NQnbU2rxExHrKVQs&cry=1&dbm_d=AKAmf-DeRdrIhp-wHy-EtLh-IxjiCRLo5oOb4eFcOfvjPUIAFgC_fbITH5_bA_Iwb-_IaE19XPQrjH588HNawesZklBEDhJbAYOrVx9VZfYj7ARDEgD-1VdoWHSiivFc7GL4YrgcrkNkE9RzJ0wmic0RbM1yEU6DfXIOi4o6RNGLTxxKP-ZBCnrKe-zSMRL4WxF0ZkgfW3KV9OppZnjOosURQB8uY-qtcfiYdf0BMPIc23Ol_2gCaFr2UDVTn_SY304NgPf0suU2xxoLzJy7HgEKlYc3Z1SDI-6ZCDsvRuvR8LFFyFd8fj39SSxziiAdtQ6_XUCTvb-_vMB9Jp3LDjO3eNEj1ChAij-iumrH_nWK5C2mTBVW5HTXoYI2m0q6bGOz7D_sFEoy6W35OH1CM2XZsNSwknr9cOgfq4deuO3Ev1mhNvzvSeAoyH6xNtcMbXc0B0wn3juGAxhAxao8hPzuwJWlHrUc594Q4nrFPK7zT6JAbylB7CHo5LW0MdUfRy33DnuRlr8nD9KqzmfVOmpBgMJrQjB62zVaBffibhZmQSAxrQU98QQTniffWcqj7-Q_sc2bfTwaFtujPvXc6lO-V7GDVfMtF8q3BLDlU99jhUxo3Tcnj4axVqA6A5-Qh6uURejQiq2Q3gxNpfoGBgr7zYfl72jSzB0689Wq6u1dRmrlDADHUeA0KR-YQX1tUNPc2e0NqqzVbBqqZO8gpLM9pSJX07PnQPIm-bCTJFPMMrZ3Ql_eIk25j8mach5TJHdDD72tepy7QydqoRbyIppPu-G9TKDZvLdcyC05a4dECupLMKq7uV_ZXgc9zpKq1AIZU5vvA0djLhsHAkvlF3tccWJ1Hm-4BN7okeKZkXaSsqOm3fgVt4sRZBGheJy5kXS2DIoxxTDg0aG6fntSvUc1hOHpj1wHnR6uU4n3gCtYPvFVMLYySSq1vI324RELSzHqwyXkjXsW0qghVVovvT8BHCH3mAZY_qU7AgtKwtvDa5rUnxUYvt5B8ho4q5BUAVsAFTY3F2Av68Y339jYrPVApcGYASefBOJJYrlSVKtcwUjyg0N48HGPz8ErKm1szMjd-0kHGQmLIeqD5bvRFKB76JTu4RPkoD53FG2mg0YO-gUaJ3qk4OnbfpbqZMB_EZg_EI2zfHgWa7BBMgwiXVpie1-noN3GmnbuTkBzJSvEOL0pjz1cvuWgI0cjVbI0mN0gONz6TURjAJJnjUUOqUt25nphnSdreMkAfFphc_9Ze0u2TFndiExZ3G791C6pMWn9ZWXd1I9N58LXNjpZr1vgfaNR8jDupk1W8ywZvz5BOnM_W95Ty6H89J4Db1rqlszYDQ4gefrNI4mASVIPN7OWJ2Ez0mKy7LMs83ZB1APwfts4z7L1TS-SuiGj0DpQvz63OEHtGWgzZHV2nZQfHG3KRqXdSEvcvzSAjT8gZsy7JbxCQHV23hQ9urzlOhduso-TDzU3svthD9v0sfDtS9j0Cn2o8h9Ej9ZY0R_Woj2hfoNQTCkaAR1wVTHur8Zilshl89bmdVTXKYFQsd3RcnspuE9kmUg3H5GQwMdnF5Svs1bglmBDVvb3-3BnZvzekOP1ErYZLRFNQCguOZd0jU46Sk5Q5EVmCvp7OmpXUFMyme05iJ35g4sgFg_YQSQEC4UwJC-REI9nFosfyyueWzExAfQEIFarlJIZjKfzI41_UefvxVTty_EtPuvlj8nr-dhHrXy8ZZ45NuHvBIgEG7I_6XQxD0Ctel7lwEeZRNMzVZTHwVSL3a0ACYTcEfASeI7WLaQckPzs6XstPOKRXIfC0RoUndBxQm22JcthLZMW9GNcUhEVppXqH16rxZRMVILk5RGBKWlyp6joLvwttYRMMDJHpN0_2f1uDzQvn5u-6s0zhoqqFrr8wToFSpDzUswin5_hqOnZyMborE1aNQrfHD2Q6qC8J4qxPJBRbQV5VOg0TxFz-eqTv6-YLHGByKx6hpgRqcR2njBMY4F0ny1HRW_8bZ4lqcDwoezOM5CnXF6r6kl_X2yB3JCJNVRAwGnBcm1SXzDtaBeFBHrQjD6xrRXECatVn16GWzrE0VW3GHzjsTsU2autciszgJ8s2hoaLnEws28dZfU1dnQ4iQwAOyqLO2m7WGerJaWPk-3EBMVf0O8hrT9q4O0ai4WbK9R84YwM6SAE3nPdcNiiuSOayd8UbjHYqS6JHPAtxlQpeQNK8NbTkki5ZS_Zz0-PT-ZFnLCltfeE7C9t2XnfulP4lYPfpBVXV-d2o-ZTxJjus7bx5A9CgvZK2UhafaYgT8nUIULIsqp1faRguJqtyJFxjTzrTt0D3Gczcz1mOBwIXjyh7SxSKsSPh0QBDx780F9xzxplBQSnyv8AZ6TipTZ6xRZYKxAaOJ41nsovtg6YTKz_mDipYaxcA3pnJpjSFXvl9vcUObN20BSeBXqFpBRgtM06ZmwNWj9anH2D3t8eK8e6yllaCEz8OfOEYABo6NMj9nx4iM_VwwKIOGdzJEC-LKTD96myMfaA8ce84JaqqZnlG7hbU848MbrvpC0ehpjAFfmD3sPZMQtGTIoJ8Koltmt5fow9rnDQKvoCusR-aSgHAd_YR8ugJvWTeb0mffdFUY6mso4d9Vo3MVuEVCszq-sSXe51vHzfRwZLIvP7AlmjikbSnJKJvHIAwaX8EZS9jT8pNUMvYaj1qiX8EGVTEW3o5HtqCV0CM4aBFDPn2PkFuJJtN29hOD7xpgZiuxujteFGGLwhQNuyb-yptLGBrBftjiLmBji34v_3SpFyrEl0diPPf5WXHadkKtfO1NjZ6UH7xYyCyIJhUTQGq5xIikicxmn3fhTSeM-mrSt2Kg4rj8jGB-glj-bkc6SLbpqA1FaFTNYGwvQvLx0Q0qw_afzrs_Cp126et6LHe0t38g_vlR__Sac_cKzF2cUBIHWRGGjgRwfIpeO146q5mFsQYMK_PLmjBioOWCIvHBOB0Haq8wmqR9ZlfoDApvL7q3UllLfdIZQeAuXK0bIYBjfT6zwDzxQbGGIpzeBSuFV7xBxQ5DRRZluBP3DZCWcYcuTp4-s7vBTf23n4fO3YfkQ7STR1fM5c9QgY-DOlzSQuD37gQ1BxzQ9m_KQGmvvUrUZDMcVM3u3Z7ecflslz4Bo0aiQ5vvwSsqP9UrC3_6MWSoMlztU2yOL0B_8DuqmvgFdtk7A9fC-1K9Fv2dKNHcxPCIMJq9LWLsIGyr1LPh1d0z5VMtfsKnvBUBCxB2swbNZ8jTJPY-L_2iH-PCleF1ZDSM1LMplasjqjQu3_rNXUTcuNLXONb0mzCqbMlsLG-0mF2bOc2kQA3ZNeONPvArLqocnji10g4-YXAdKlSJ3gbyvR_D6NjAnRHdRt6_D1VIjIEZhDH52Uqky4dHsHaa7IdBrxZP4PkvljwJYa4z2nWzidCBSSQjLn5X5cWj6ipWKNBPCWR8kPL554iF1E0CMdnFMbo9dJpLq40tlpts2jM1-JuY6Yts1dcrtiYD1htEjnLzw8tXEjn_x5v1gFw6njTmUkjGjn0sB0pbNEP2bnXPnhtXSiwCkRlnbTvnHeucLOMPn7ARzxZ0BLXXN6vOTe2fKfhaNMQGhgHcdnQOhvsHQbLRN3aZzs3rAkxXbmv5BafoGxgZnmuX5yQJpYIXY4MDln7cg-jrgTKW7PKc4OsmhEYx7vxj4FiK9GBtqiy-3Xj3zJF2sK&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgo284.a7bbab.com%2F&ds=l&xdt=1&iif=1&cor=17268013060971102000&adk=3944675600&idt=170&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c7a9b44a78de7f5be63d680eedca0825f0e3c3ff85df5b1f634fa98ae5099cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36735
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABA4 0
20 B 109ms
108ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4392531369465&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABA4 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4392531369465&version=m202301230201&ct=76&x=1&cor=11846592105525070000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ABA4 88 KB
36 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVTL3xqlWK_kQbwKBwbl4uZPh1pQvEkeYEzo1EJ0sErSwBbfsLumdriEB_AYlSLhRn6k5Y7M1AxsE5LNNprXY7q2c_tfJb7Pf6AnQyuknpSN5sZI4&cry=1&dbm_d=AKAmf-CP8nu8QW2Sc3NGJMSHufVmIMKWDXXtFTcV-DTU8bKdtVRrfJ8veIfpDKJu3cFbm_AJoyoyzeyxYOnXScj307e4ivIfqK8lOEGViE3kucIyiD7TfaQL5AI213wwGOT8Gbym1g6thifUNxkUGOQh4H_1iBuiA-22gPH_11vMSFV3RGOtN02raZ0jO4SFZNWqoooOouy7QxJ5SINBi-fUpAJuSa_6g_yQPFW9nTbh_G11afn93ymnnOqVvTpRG1gxsh-HkmqceBvwgTS_YQ9vbEBUdbkVbSzPhUtreXK82N8jr9uHzrV7xa_60HJhUT9MvIFVVbUxLVk3ihTDx1bFEdnle-HjMLj__b7XsC0iZBMQB1XvgJKf7W9OKX2aAzbqT2sHP23Ll8xCP7HknILOj1igIev4MuwEK-fUCmVPVAu_lGo12jFsmcwZxOS1R3vTfX0lFSSsdHpzgmSwb4XgcmWKOtIe18sR1q0n8jGqbECzy_WIc7zyh9GIqNecUMOvTiUP8EfoerMN0cSyx2wjbONfmMf-RvuuQaWrg_nhIb9eYj5rxBQDYxwyrmZofHfYljJKk17pyTjX21VlmRvET8uSL07y-hCDqXPN-yKGhy_F_xjwjCwfOETE0gOO41FQ4JLBtvWxTYD5max9SGG_UEKFE4qZgnjnqvp6vGYj04byXCa0sq91p7fs0xuyOE5ArLwXhcqA790P50CPwNcE36dgK4HbBSlNycZGIZoeKeZx21KK607dZDdNhpMoYuSR-ndZdD9KOeK2qPJu2eUtodAjZr6DH-BkDdXCd-cF1L9iauSP4LxuMyNES0g7cGdelfkW8aP9l4rxZg6RBtAjsqDYj9OceOuPJW_yjDi_oQkNiQGxbgKTcBdjV-sPDwzdOQyO4BbVfZ0EaW4Z_tHQ9DG20urY-t_u3yGaNG8KcKSrU4yM5HYB0OP9EqLXG4bn0cIi4t8YHxIbShnvEXp6cdCCN_6K0gtlaOWAybtVYZONTGXMkiqPG3JXVjCxri2lHv6_XFnZL4m7oXMYbL6H5LC1l828fN7eGZbeuaU6CE6Kqusqvu8TPv9LBTnmDHdT--N2wOS1hDVfSICMSf3XEEdbJjvMx8ye-J-WInGhtdV8Nv6rVDTqdrJNrZnPa7C96DPMPygN56qUAz0z7ftXLmlCGV1T3esBA-wjTcaG5KOLJoCjmjJpOE5zmVHEuhpQIjjseAY2bvqYXX7ZrhuuVqFrtoDXrcPZRf3dlTqkFdKWiZKKqjgRmkFYPc-I507v_6xY8K_eRYwK9F3uNx0qd-X64Z9AMFAcX4Bsw2C0eOYhYCzIP0CZZy22MlMFPV4XtseF9NKw1h-MYFuHNLnVbUubBiJgJA3tmAx9hX6Ck5sVOBS8XAqrAL84EJ_fHg7CF1HYpO1eEimMUO1NI3T3oXXqlywGLzj8K2q83f87SvCB9czxCfA3zDgHgsg7ZuPhamVLxMobN0mHjUsHxqd5u4zEs2Ves3kOHblHL4ggA_LM0cyooC_HI-8wfI9vNgYWzNDNKGYtV8yc4AOvwOg9CMqRn1EZg2xHOiOLGBCrqM9ixc6I_7IICH3mGqlWohGo2EAuaEbMgfTpf5cr_cN-3HVRxDc-v5Bb7QS4h5Nv5-z35F0O0xBvIODHrPmFF364fUlDmINihCBzjlUrjjBImxrvw1N9SQ_JgLHxpkxRHViN_QGuG5mpWIuRoerCoKb4_wKtISeWUjN6Tg4Ef3SD7IRk7IX-d1d5AhD0CjyEXIo3FvM7Jxaj_nq9RkZxcXLrVMr7_BXgWBugjs9NoZiYT5yA1x7qPV_yI4-4STPvg4ZEzODRlPGvLDxBfSI-DRKShuoZEGNex25GthBorMtdfsZ4g5EVEUDvifdJ4Yl2M_wuDH4KRfoJHs0xUqJR9uPUS4m-PBto8__FhjmXfpUd9We-uBHoj-f4F2BWSERk0t76Vzu8x8l7w2_gUXCcCQMQRf_DlQeHJEOdIj75iDcdLDLnd2Crl2daUgby4dLJefdh1UdIH1B1vfj_4sq4fYuSzGsrmZAQC6tF3e1VCG2fs7oyg534IzmRFfl2iGC3kxS2DOQZWDsvwKiKDoSoaRpOGR50rQVYeZGptorAy-u82NVejDpUq1r7wHX9d4Dk831NK-jvCbc41itevSRWL6-xcswSLGice78DgYNL9ZoXjeGIKkTbyDjhWrx0cxy04qOhJU7M54EKqcHlo19oscYSVUUud8FawEGWqaWjIrP5h0swvsiAJpfcc3X0wXI7sfVO-O7iIkSYdUOpjA0BwJbRsDtYmgj67P2rjjkKoinR7TT2UF0-Q82hdv3AYZPDJQa6-BfAObDlNRdl3hDiNG5xE2lExGJz4TSsPM6ZuxG9rBYsf5dekw5JGLJYA97MyY7LROP5idlBuI8tYuFVumnjrxdFTjxPTxEnnpKOEJaChJjx7bU02047nuJZXbXEjunXerp4lWwCQvC6t97leeK83uMvSHtUcFDD_W8kTt9zSJV_lBfASh7j-ga6LnQmuv1ZCfCCzcX4XcRq0Bm4JbKz1UPcMV1Lp1IKyNMlD4adWZFqRjnLu6dDM-YrKCICEeBeBGJ7_U5xf-BV-7Pe5LtWkEIGZaFLa6pDfQTNriId50kizGpxcG9nSZG84cWY1JK40xjG3Nn69F9HGKACKEqO4XoHv7eTA3fcZWfYYX9L25DWbAnT6He4DMXsgD5KzkoSARYWUiY0F3JoLt-JPbtpKcjRYygjxh5cwE-xVwTkKqQyYIzroSOun6G3I-i2WZryPPJH8HZw2m-l31P932uaKQNOC9LaSexOJYWbTz_a-qiAwpB-LruUrgf804WxEaiD1d59unlH5kkuloiGCaBPK2Lkju4yKXqKRkdaAivOpM0EzijQxF8TSi7aI6GE1QtJzJYq1WWlv0deu2w6i0QIcoN0y1zmrn_BDm8j_383LY6s1Ec0IR5hVe69THD9XZgDiqyhHbNbyHr0iaBchYWCmyo5x_vSnjBNchhAx-QvSd50Y_rfdHrV2_Qv4-fpTNkDeW8m0_PD69YyNgZ9KSe2VgXA-s6PwLvtW_aAlmXKM77YoeFctR3siAiKYGNhlK_yzBxflEdWmfoXKtiavXiviptO7LQIXylmMqs3ew-QmJmAR7Qagg4Wn-L9omTueLJITQQzeMfOguM49WzSMUxZFEKXsSQTAYmZaWbpGdNv1WK6Q-rCw83P_XKLV9dU2gBxfC4WiTheWj3S7ZhoH6L5iQMflt9dPnha7LfuA1rA3un07z0IzLu5jld5sxwQ1tnugVW5Ag9jVIJKy0xT4F0q5Bq7D5TdCVOB4JFv6ylr9v7Ayba9uhhpplZhAJRDkMvagY_2og3VEXK893cUImmd2tV7GKy91HVcloJYqKP59utHmaJJm7_S_pgkSo0znCrwraf73ltENCJmhEPFO0hGMU48NpSO0MIFQOz_kxwwgCk5JwbXaQecamIBn0yEdTd5An8xFFFDW59dHfDl72pbudIDoviBMqBHhP5HPThwJPnAiFtg2qfno34jN14qCIQgrcmG32YLnU5x5SCkWTvGTCtO3Ijjw5xb3t10GqBWm0jRTpl_bD-yw3tFUV6PYLDSVyQ0z2l8Z8i53jbLXA7jABtkyQGqbOj6Mm7XjvEHKXy-0eJH3tFKX2c8s3l8eBiZDpptBvZqR6WneoBdWnW0VtDnS0oP&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgo284.a7bbab.com%2F&ds=l&xdt=1&iif=1&cor=11846592105525070000&adk=2935317967&idt=176&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f20404f5540d5653427833906168f5970980956c01c5229cfcb7da13563a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36842
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D51 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C316 143 B
166 B 9ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:08:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9A5A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25ed1208b6ebb48b07c344cb221f1751f4e7fdffe578c7eafd466a16fe3d1e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E87 0
20 B 109ms
108ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA3J0bAohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRArIQAAAAAAABBAMAQKDRADIQAAADMzI2ZAMAQKDRANIQAAAACgmbk_MAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAYQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAQGPUQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAABmZuZxQDAEEhpDTjZGbGZURXZmMENGUWpfdXdnZGROZ1A0USIadGV4dC92YW5pbGxhX3RleHRfY2xvc2VfdjIoAw==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/164715e9a72d7bd173c872e14587b581.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B7CA 170 KB
59 KB 68ms
21ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Origin: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame B7CA 8 KB
3 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dq5sIAz2OS86PX1v6IVdR7lgV4oYVY8MvCdTFXvQ6WJ7Nw_4_P2ZU_rmBUG8krqi7POFEbDKzxa6HrjDddUWczsGkCOSKGb9_Zs_QAgKmjGiW4N6s&cry=1&dbm_d=AKAmf-Dca4EaXemSpY3bgGsYt-JstDBoOP3XK9Fc1AhgtfwcrWe8-vVfNYb38Q6WqUV4FBx0G9qBBbkvkRtnV4tD_gVOSbyoJcf1MPBZXHDxQzLBulsXHzXJS-Bzx6mtCTWcZF4Mv-7Vat0XTWQCX6kCrggDHk_5OyVkre8hSNDJcMTuXofHsO-WCKZ5gX9rvC8zLGQYxLP2tH3pmCe5zYz1Bk_04ZhqyYeTUtko8fQll9_vpDpgANOss0c5nVkvplS3bXyX7SWsTsth2Ysp59NO9kPWqrLd6JQZwGZZR1_wFgVxV6mnGQ19qBmNhsnRXADxNFfDO22-qzmOMVtvHKOVWuRv-7A-wQGHou2SoKCCpXjCZwggvQ0hrILAm-hOiz3AiVrbzHFTAb4N_O-jFJU6gE6L1KR-ZlaUs2g6OL3AZOfQRR88N6Q4OvAY1tErRJCN0EqPiG_VV3hd63n-EBsAAwSnGdPT9Y3vNj5lv_eDAgAPhjrExqYpa6_C32O7ND65F6NUIykZRa-C6ihoOqnDvfi11Kf40KP5ZxljMbZ2jpr_dui-a0olD1VRK6yPL9iFfsxlR26FdQIoGiWe2k3L2eIlGkNO8CigNbUDqOl3Xn_zK74i7DItUBA6HVeUvVHV3GPs-It_QiviS5INz82DL8HkKjV5ZnSTaHQEHWRCY4Xa1aB-D3lYCv-ShdywmPeXA676ICo8SuXz9iRfbuUPY1CQIrxdtu9L48BFdkpehwdI7AKGL1yu_A64SNpOUrjQFLAK7GJVyZbMx3GxlI_4k14umfgGyoSRkKKQbqm6oBnpdr-aOSyiU2ZVDme-rnlzGYs2FxULzAqJUIkfPTpHCJnQYS0-rhgGVMXmrqJwEVa2qtxz4IxlXMF_e5E3-D9bMUPrxFLvxyV1SyoAxDZWvGJotxNfgI0suEd6WFcE-kfLpTJV3jW1hRfV7iJSWoPGimLX1J0SA01o7XIkb3QcYvyGXfq5RcmcWGBZ_IzXtucCTDWlr1A2EfTJdILs7ExOyVGGIqsLY_tw3ShLAAOi19CYheNI-CKTiGDGddPrxphAt26zfik-8gmj341MlwUEz3svhkYj2ihkvtcSz4lzgJ0zFYVeQ0vnk6sLZyaaFXVIS5uPu5tPbzrR3QdmaMnnZ5VNuBnYlv0VaN0pTz851fy_Yjk0VJGzG13UksfNdaUfqflnWUDuXr61CueV8b27yViPxL084newjCWrCmiHFxN026lEu_3yzzARSH4T-oB1QT6i1X-kA6vbr0ItRommbFXcvfJgsu8-berPO2iUYveejEUTHG9v0oBQ-Spm_RDe5C4_7At1VBi7rkGCKGT2qQKuDm5G6PnRg-ub6zCTQlHmYMrX7WBNxofPGcHkoyZnmkzZycuiZEaQNXOIycVh4V_N5HqarWQZOgY6GdK8-S0gyS5WeSNHIsfnJE4hI6ktE7aokf5MHnUko5USVHO2zIIWVBisYgykqD8zO3WThJaWukFOHMPBjZ-gR_Te5x__SHZVfq1-VwYge1fW6daworwpnIQ4Jd9vaHryLtCXr2vqqt8kqs0mbreYkrAeJOw6uiTNliwQWg8TTnlJJigW2-6ALG8rpaZcZmseLPi1lGjDEjsCN5kS1pu1HUf7jaCBnnDkNyBsCGS_qw7pHBj2PgMxeFmT4tsHMY6zj7N-qB762Z65meSBPiLUTDMG__Mov9nIDPG_cRsKLXa0CFoIcdMsCGvuGKE4EGt5cmJWXC9wEq3PvaTxy1gh1qTV-CcBeudEKr01Rm6ldoVcwyjZtTP3v7RmL_az7Y04Zym2Gk-HDSWFVHztpagzU29i2W0OqIrAL4G6cmN_eY_zwuwwL0gPiAXYSJrwNTxpYOKVaqJay0Ra6rGo5xuMQVoecbW_yVJAw8XzKZK8YT6V3SXBnr3JrxdHEvMsBXDZEoqbW-ziRDXqOjhSc69VmjyMYnftEeeDlbrPM4K152exMrDfMxHXIRm1klUvPMGl5uUV-jqJBK31bs5PNRJdFnBlF_LOmI6Qlv5ajdgZr8xuSfm4j7RnYl3a7fLzRwk2r2YoM4czUtFrvaV3ZZtT5wKmilVK3wxl9KlVNZkjVpo7qxJrXKZ2xXm-92l2jnD042MrShMriESQcGo4Fz3xjedE7wJGiMxjyI2jhQBMnVtjbnsLqcwK_dNhicubXMT6Lrk6HDZW9PjzcJCNpvNkIflyIHjTThEDF28z-UWWqihl9GAvc30gQYKv5jO1YWKzwpbCNlZiD6TXiKmBTXIqP5xbO6w_H8HPZ8Ni2bGk_2z9Bm8x3bGJrXLVU5Xl6AZsBHh-2HUaM-Rk7rN1onhxHG24OzYnRQmWXg8j2L9Jp1OXKpFOCE4ghbtQnGma4je22ZTUJxKID1E_13Zt2w_y02I-YL1HBVSTF_rCp8jvie0OswMm0JQg78XWp2CT_C5orlX6Ks1BayWhbgJkEq_u9HMZuiajulsSZbOXQ5qM3ueBSdm6vSzfgCsX9DSSq3Umy9kTYby6zFS7WI5h9R6NY9xs4aPBlqnoVp0Td9mWSPMVzcUaLpOI1FsUNb9bR7HhngvZZZy-j3CuOHZPmszaFWXI4eRRCWNVhsUuwnDQvypE3JGdG61AoaC1LSWuwAFx32aSNXnd1Tf4vTNG5QavTvMJl_VKrhdVEZ1n60RmMb-AZATMIUXpQm45QmpiDvcHLYKDxxPMcu4OWfelPvmnSL6Xpvs-yRwkiEoISMrs_b7jG53dtUGxpDP5yC0mIr7xE_kLx4f5EH9U9WQazfNASreUMMN6YAUXPo_ngsAO0q3namL_20xZQeVKMsJBFUW7GMusZplaQ11HLoKyrXDVDS2Fu5huc82RqSmWIJyiz93xPy-UCq9QR0ft5GtbbuJGqahbLDjc8FSwNUGNhEHm_O_U5zleihny3SLVBJ_DyB5UHqJnQTMpxYKO_RKMtBpYaZQfNcDJWWsGu_LErZwHmnYH7_R908JJpvVDkBFuhji8AxNuJbZuXbiMbCbbVln8aZRinxcEnb5DVhRVRHe2nEEwSqcEDV6Ccib_vqiFG26_QfHBbMc3K4ayxnXDB-Z2r81enqkg_kYNwnt9jDQpbHshGbtteZpFt5z1dSb4T4v8TeQLuAz0_nYhA5numkMHgLcEK6HN66aOIgoeO7B5zFxIzfBy87ux17zUe5lC5pIhNuAnoXGyp3k5N2BOtJpn2xIaw11A7I-fRTP_lkOCr35Gbt6k_CROBu_9FTYo8L2wiP7jaEXOK_-fr48kdzj_oLyJqHyRAKQ9Udl5E_UD1Z6kBV9eOKEbHnkp8ZfyyEIJJkEBOlr9DL9-0I0x21Nu7ODv42s1uxB7UBmc1Vv0slThRZ2jJ7JVRGUz_kJd4Q-znkQ7UxLHDMVYFQmggmbJ5rlaKLg4vqtlLs7xwIwlL81GnxkjFbwQf4crnKMYDA35V4q4m2-HIrRRsZQHJ_cjiBEvVraFCk7rF8IJwI1UUqZaIKtWgnXqeT7xHzh9H8w82UvR-5kEqejOX2uDIObf30s14KmHFuw-5OXheNBJWCQuiAj_xJN0wYvjB7WlD_rI90OHjRa2AZ6kwwH4-rvF5bY-1tzWaGdU9kara12wwHZReQtsPDNhJNBuBUZOmOjQklky49dzW6C6SalS4wWmS98B6TaZMcfLS73oLl7Az5vHQSSeZBT_qjTDPVYg330qrIYJ9OwRQAbP&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgo284.a7bbab.com%2F&ds=l&xdt=1&iif=1&cor=5239219827217092000&adk=2086295851&idt=124&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:28:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame B7CA 29 KB
11 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 03:14:20 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 050C 284 B
536 B 81ms
11ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 3E83 10 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 09:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 09:18:02 GMT

GET
H3 200 fbb663ae0a368d33035da46c44889638.js Show response
www.gstatic.com/mysidia/ Frame 3E83 12 KB
5 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fbb663ae0a368d33035da46c44889638.js?tag=core/multiplex_design_v1

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a94982bfbea625b64cc7f4227341ed8547b2d79739b42d8cbf999ccc18090e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5293
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 06:37:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3E83 2 KB
765 B 23ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:42:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 18:42:40 GMT

GET
H3 200 93ba699ab0858e23126e6495ee504fcb.js Show response
www.gstatic.com/mysidia/ Frame 3E83 23 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/93ba699ab0858e23126e6495ee504fcb.js?tag=exit_2019

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c79310e077420df2623a0810adafbe7d7379ee885a763dac420426007a656100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9834
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 May 2023 06:37:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 3E83 22 KB
9 KB 24ms
19ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 04:59:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3E83 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 3E83 20 KB
8 KB 24ms
21ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:11:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E83 158 KB
48 KB 74ms
70ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F435
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
27ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Thu, 02 Mar 2023 15:16:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E87 0
20 B 110ms
109ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA3J0bAohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRAUIQAAAABA9tVAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAgJmZCXhAMAQSGkNONkZsZlRFdmYwQ0ZRal91d2dkZE5nUDRRIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/164715e9a72d7bd173c872e14587b581.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame ABA4 170 KB
59 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Origin: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame ABA4 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVTL3xqlWK_kQbwKBwbl4uZPh1pQvEkeYEzo1EJ0sErSwBbfsLumdriEB_AYlSLhRn6k5Y7M1AxsE5LNNprXY7q2c_tfJb7Pf6AnQyuknpSN5sZI4&cry=1&dbm_d=AKAmf-CP8nu8QW2Sc3NGJMSHufVmIMKWDXXtFTcV-DTU8bKdtVRrfJ8veIfpDKJu3cFbm_AJoyoyzeyxYOnXScj307e4ivIfqK8lOEGViE3kucIyiD7TfaQL5AI213wwGOT8Gbym1g6thifUNxkUGOQh4H_1iBuiA-22gPH_11vMSFV3RGOtN02raZ0jO4SFZNWqoooOouy7QxJ5SINBi-fUpAJuSa_6g_yQPFW9nTbh_G11afn93ymnnOqVvTpRG1gxsh-HkmqceBvwgTS_YQ9vbEBUdbkVbSzPhUtreXK82N8jr9uHzrV7xa_60HJhUT9MvIFVVbUxLVk3ihTDx1bFEdnle-HjMLj__b7XsC0iZBMQB1XvgJKf7W9OKX2aAzbqT2sHP23Ll8xCP7HknILOj1igIev4MuwEK-fUCmVPVAu_lGo12jFsmcwZxOS1R3vTfX0lFSSsdHpzgmSwb4XgcmWKOtIe18sR1q0n8jGqbECzy_WIc7zyh9GIqNecUMOvTiUP8EfoerMN0cSyx2wjbONfmMf-RvuuQaWrg_nhIb9eYj5rxBQDYxwyrmZofHfYljJKk17pyTjX21VlmRvET8uSL07y-hCDqXPN-yKGhy_F_xjwjCwfOETE0gOO41FQ4JLBtvWxTYD5max9SGG_UEKFE4qZgnjnqvp6vGYj04byXCa0sq91p7fs0xuyOE5ArLwXhcqA790P50CPwNcE36dgK4HbBSlNycZGIZoeKeZx21KK607dZDdNhpMoYuSR-ndZdD9KOeK2qPJu2eUtodAjZr6DH-BkDdXCd-cF1L9iauSP4LxuMyNES0g7cGdelfkW8aP9l4rxZg6RBtAjsqDYj9OceOuPJW_yjDi_oQkNiQGxbgKTcBdjV-sPDwzdOQyO4BbVfZ0EaW4Z_tHQ9DG20urY-t_u3yGaNG8KcKSrU4yM5HYB0OP9EqLXG4bn0cIi4t8YHxIbShnvEXp6cdCCN_6K0gtlaOWAybtVYZONTGXMkiqPG3JXVjCxri2lHv6_XFnZL4m7oXMYbL6H5LC1l828fN7eGZbeuaU6CE6Kqusqvu8TPv9LBTnmDHdT--N2wOS1hDVfSICMSf3XEEdbJjvMx8ye-J-WInGhtdV8Nv6rVDTqdrJNrZnPa7C96DPMPygN56qUAz0z7ftXLmlCGV1T3esBA-wjTcaG5KOLJoCjmjJpOE5zmVHEuhpQIjjseAY2bvqYXX7ZrhuuVqFrtoDXrcPZRf3dlTqkFdKWiZKKqjgRmkFYPc-I507v_6xY8K_eRYwK9F3uNx0qd-X64Z9AMFAcX4Bsw2C0eOYhYCzIP0CZZy22MlMFPV4XtseF9NKw1h-MYFuHNLnVbUubBiJgJA3tmAx9hX6Ck5sVOBS8XAqrAL84EJ_fHg7CF1HYpO1eEimMUO1NI3T3oXXqlywGLzj8K2q83f87SvCB9czxCfA3zDgHgsg7ZuPhamVLxMobN0mHjUsHxqd5u4zEs2Ves3kOHblHL4ggA_LM0cyooC_HI-8wfI9vNgYWzNDNKGYtV8yc4AOvwOg9CMqRn1EZg2xHOiOLGBCrqM9ixc6I_7IICH3mGqlWohGo2EAuaEbMgfTpf5cr_cN-3HVRxDc-v5Bb7QS4h5Nv5-z35F0O0xBvIODHrPmFF364fUlDmINihCBzjlUrjjBImxrvw1N9SQ_JgLHxpkxRHViN_QGuG5mpWIuRoerCoKb4_wKtISeWUjN6Tg4Ef3SD7IRk7IX-d1d5AhD0CjyEXIo3FvM7Jxaj_nq9RkZxcXLrVMr7_BXgWBugjs9NoZiYT5yA1x7qPV_yI4-4STPvg4ZEzODRlPGvLDxBfSI-DRKShuoZEGNex25GthBorMtdfsZ4g5EVEUDvifdJ4Yl2M_wuDH4KRfoJHs0xUqJR9uPUS4m-PBto8__FhjmXfpUd9We-uBHoj-f4F2BWSERk0t76Vzu8x8l7w2_gUXCcCQMQRf_DlQeHJEOdIj75iDcdLDLnd2Crl2daUgby4dLJefdh1UdIH1B1vfj_4sq4fYuSzGsrmZAQC6tF3e1VCG2fs7oyg534IzmRFfl2iGC3kxS2DOQZWDsvwKiKDoSoaRpOGR50rQVYeZGptorAy-u82NVejDpUq1r7wHX9d4Dk831NK-jvCbc41itevSRWL6-xcswSLGice78DgYNL9ZoXjeGIKkTbyDjhWrx0cxy04qOhJU7M54EKqcHlo19oscYSVUUud8FawEGWqaWjIrP5h0swvsiAJpfcc3X0wXI7sfVO-O7iIkSYdUOpjA0BwJbRsDtYmgj67P2rjjkKoinR7TT2UF0-Q82hdv3AYZPDJQa6-BfAObDlNRdl3hDiNG5xE2lExGJz4TSsPM6ZuxG9rBYsf5dekw5JGLJYA97MyY7LROP5idlBuI8tYuFVumnjrxdFTjxPTxEnnpKOEJaChJjx7bU02047nuJZXbXEjunXerp4lWwCQvC6t97leeK83uMvSHtUcFDD_W8kTt9zSJV_lBfASh7j-ga6LnQmuv1ZCfCCzcX4XcRq0Bm4JbKz1UPcMV1Lp1IKyNMlD4adWZFqRjnLu6dDM-YrKCICEeBeBGJ7_U5xf-BV-7Pe5LtWkEIGZaFLa6pDfQTNriId50kizGpxcG9nSZG84cWY1JK40xjG3Nn69F9HGKACKEqO4XoHv7eTA3fcZWfYYX9L25DWbAnT6He4DMXsgD5KzkoSARYWUiY0F3JoLt-JPbtpKcjRYygjxh5cwE-xVwTkKqQyYIzroSOun6G3I-i2WZryPPJH8HZw2m-l31P932uaKQNOC9LaSexOJYWbTz_a-qiAwpB-LruUrgf804WxEaiD1d59unlH5kkuloiGCaBPK2Lkju4yKXqKRkdaAivOpM0EzijQxF8TSi7aI6GE1QtJzJYq1WWlv0deu2w6i0QIcoN0y1zmrn_BDm8j_383LY6s1Ec0IR5hVe69THD9XZgDiqyhHbNbyHr0iaBchYWCmyo5x_vSnjBNchhAx-QvSd50Y_rfdHrV2_Qv4-fpTNkDeW8m0_PD69YyNgZ9KSe2VgXA-s6PwLvtW_aAlmXKM77YoeFctR3siAiKYGNhlK_yzBxflEdWmfoXKtiavXiviptO7LQIXylmMqs3ew-QmJmAR7Qagg4Wn-L9omTueLJITQQzeMfOguM49WzSMUxZFEKXsSQTAYmZaWbpGdNv1WK6Q-rCw83P_XKLV9dU2gBxfC4WiTheWj3S7ZhoH6L5iQMflt9dPnha7LfuA1rA3un07z0IzLu5jld5sxwQ1tnugVW5Ag9jVIJKy0xT4F0q5Bq7D5TdCVOB4JFv6ylr9v7Ayba9uhhpplZhAJRDkMvagY_2og3VEXK893cUImmd2tV7GKy91HVcloJYqKP59utHmaJJm7_S_pgkSo0znCrwraf73ltENCJmhEPFO0hGMU48NpSO0MIFQOz_kxwwgCk5JwbXaQecamIBn0yEdTd5An8xFFFDW59dHfDl72pbudIDoviBMqBHhP5HPThwJPnAiFtg2qfno34jN14qCIQgrcmG32YLnU5x5SCkWTvGTCtO3Ijjw5xb3t10GqBWm0jRTpl_bD-yw3tFUV6PYLDSVyQ0z2l8Z8i53jbLXA7jABtkyQGqbOj6Mm7XjvEHKXy-0eJH3tFKX2c8s3l8eBiZDpptBvZqR6WneoBdWnW0VtDnS0oP&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgo284.a7bbab.com%2F&ds=l&xdt=1&iif=1&cor=11846592105525070000&adk=2935317967&idt=176&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:28:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame ABA4 29 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 03:14:20 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 721B 170 KB
59 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Origin: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 721B 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCRN22y0s4ih0NcuMs6NdYVYa5TF31K-Hr2z4e7H2uW_GB4n_4sWmDJuhpisfkjHDSQmVjQ_kw6VWPSi2W61hYRIov7k3Wcq5NQnbU2rxExHrKVQs&cry=1&dbm_d=AKAmf-DeRdrIhp-wHy-EtLh-IxjiCRLo5oOb4eFcOfvjPUIAFgC_fbITH5_bA_Iwb-_IaE19XPQrjH588HNawesZklBEDhJbAYOrVx9VZfYj7ARDEgD-1VdoWHSiivFc7GL4YrgcrkNkE9RzJ0wmic0RbM1yEU6DfXIOi4o6RNGLTxxKP-ZBCnrKe-zSMRL4WxF0ZkgfW3KV9OppZnjOosURQB8uY-qtcfiYdf0BMPIc23Ol_2gCaFr2UDVTn_SY304NgPf0suU2xxoLzJy7HgEKlYc3Z1SDI-6ZCDsvRuvR8LFFyFd8fj39SSxziiAdtQ6_XUCTvb-_vMB9Jp3LDjO3eNEj1ChAij-iumrH_nWK5C2mTBVW5HTXoYI2m0q6bGOz7D_sFEoy6W35OH1CM2XZsNSwknr9cOgfq4deuO3Ev1mhNvzvSeAoyH6xNtcMbXc0B0wn3juGAxhAxao8hPzuwJWlHrUc594Q4nrFPK7zT6JAbylB7CHo5LW0MdUfRy33DnuRlr8nD9KqzmfVOmpBgMJrQjB62zVaBffibhZmQSAxrQU98QQTniffWcqj7-Q_sc2bfTwaFtujPvXc6lO-V7GDVfMtF8q3BLDlU99jhUxo3Tcnj4axVqA6A5-Qh6uURejQiq2Q3gxNpfoGBgr7zYfl72jSzB0689Wq6u1dRmrlDADHUeA0KR-YQX1tUNPc2e0NqqzVbBqqZO8gpLM9pSJX07PnQPIm-bCTJFPMMrZ3Ql_eIk25j8mach5TJHdDD72tepy7QydqoRbyIppPu-G9TKDZvLdcyC05a4dECupLMKq7uV_ZXgc9zpKq1AIZU5vvA0djLhsHAkvlF3tccWJ1Hm-4BN7okeKZkXaSsqOm3fgVt4sRZBGheJy5kXS2DIoxxTDg0aG6fntSvUc1hOHpj1wHnR6uU4n3gCtYPvFVMLYySSq1vI324RELSzHqwyXkjXsW0qghVVovvT8BHCH3mAZY_qU7AgtKwtvDa5rUnxUYvt5B8ho4q5BUAVsAFTY3F2Av68Y339jYrPVApcGYASefBOJJYrlSVKtcwUjyg0N48HGPz8ErKm1szMjd-0kHGQmLIeqD5bvRFKB76JTu4RPkoD53FG2mg0YO-gUaJ3qk4OnbfpbqZMB_EZg_EI2zfHgWa7BBMgwiXVpie1-noN3GmnbuTkBzJSvEOL0pjz1cvuWgI0cjVbI0mN0gONz6TURjAJJnjUUOqUt25nphnSdreMkAfFphc_9Ze0u2TFndiExZ3G791C6pMWn9ZWXd1I9N58LXNjpZr1vgfaNR8jDupk1W8ywZvz5BOnM_W95Ty6H89J4Db1rqlszYDQ4gefrNI4mASVIPN7OWJ2Ez0mKy7LMs83ZB1APwfts4z7L1TS-SuiGj0DpQvz63OEHtGWgzZHV2nZQfHG3KRqXdSEvcvzSAjT8gZsy7JbxCQHV23hQ9urzlOhduso-TDzU3svthD9v0sfDtS9j0Cn2o8h9Ej9ZY0R_Woj2hfoNQTCkaAR1wVTHur8Zilshl89bmdVTXKYFQsd3RcnspuE9kmUg3H5GQwMdnF5Svs1bglmBDVvb3-3BnZvzekOP1ErYZLRFNQCguOZd0jU46Sk5Q5EVmCvp7OmpXUFMyme05iJ35g4sgFg_YQSQEC4UwJC-REI9nFosfyyueWzExAfQEIFarlJIZjKfzI41_UefvxVTty_EtPuvlj8nr-dhHrXy8ZZ45NuHvBIgEG7I_6XQxD0Ctel7lwEeZRNMzVZTHwVSL3a0ACYTcEfASeI7WLaQckPzs6XstPOKRXIfC0RoUndBxQm22JcthLZMW9GNcUhEVppXqH16rxZRMVILk5RGBKWlyp6joLvwttYRMMDJHpN0_2f1uDzQvn5u-6s0zhoqqFrr8wToFSpDzUswin5_hqOnZyMborE1aNQrfHD2Q6qC8J4qxPJBRbQV5VOg0TxFz-eqTv6-YLHGByKx6hpgRqcR2njBMY4F0ny1HRW_8bZ4lqcDwoezOM5CnXF6r6kl_X2yB3JCJNVRAwGnBcm1SXzDtaBeFBHrQjD6xrRXECatVn16GWzrE0VW3GHzjsTsU2autciszgJ8s2hoaLnEws28dZfU1dnQ4iQwAOyqLO2m7WGerJaWPk-3EBMVf0O8hrT9q4O0ai4WbK9R84YwM6SAE3nPdcNiiuSOayd8UbjHYqS6JHPAtxlQpeQNK8NbTkki5ZS_Zz0-PT-ZFnLCltfeE7C9t2XnfulP4lYPfpBVXV-d2o-ZTxJjus7bx5A9CgvZK2UhafaYgT8nUIULIsqp1faRguJqtyJFxjTzrTt0D3Gczcz1mOBwIXjyh7SxSKsSPh0QBDx780F9xzxplBQSnyv8AZ6TipTZ6xRZYKxAaOJ41nsovtg6YTKz_mDipYaxcA3pnJpjSFXvl9vcUObN20BSeBXqFpBRgtM06ZmwNWj9anH2D3t8eK8e6yllaCEz8OfOEYABo6NMj9nx4iM_VwwKIOGdzJEC-LKTD96myMfaA8ce84JaqqZnlG7hbU848MbrvpC0ehpjAFfmD3sPZMQtGTIoJ8Koltmt5fow9rnDQKvoCusR-aSgHAd_YR8ugJvWTeb0mffdFUY6mso4d9Vo3MVuEVCszq-sSXe51vHzfRwZLIvP7AlmjikbSnJKJvHIAwaX8EZS9jT8pNUMvYaj1qiX8EGVTEW3o5HtqCV0CM4aBFDPn2PkFuJJtN29hOD7xpgZiuxujteFGGLwhQNuyb-yptLGBrBftjiLmBji34v_3SpFyrEl0diPPf5WXHadkKtfO1NjZ6UH7xYyCyIJhUTQGq5xIikicxmn3fhTSeM-mrSt2Kg4rj8jGB-glj-bkc6SLbpqA1FaFTNYGwvQvLx0Q0qw_afzrs_Cp126et6LHe0t38g_vlR__Sac_cKzF2cUBIHWRGGjgRwfIpeO146q5mFsQYMK_PLmjBioOWCIvHBOB0Haq8wmqR9ZlfoDApvL7q3UllLfdIZQeAuXK0bIYBjfT6zwDzxQbGGIpzeBSuFV7xBxQ5DRRZluBP3DZCWcYcuTp4-s7vBTf23n4fO3YfkQ7STR1fM5c9QgY-DOlzSQuD37gQ1BxzQ9m_KQGmvvUrUZDMcVM3u3Z7ecflslz4Bo0aiQ5vvwSsqP9UrC3_6MWSoMlztU2yOL0B_8DuqmvgFdtk7A9fC-1K9Fv2dKNHcxPCIMJq9LWLsIGyr1LPh1d0z5VMtfsKnvBUBCxB2swbNZ8jTJPY-L_2iH-PCleF1ZDSM1LMplasjqjQu3_rNXUTcuNLXONb0mzCqbMlsLG-0mF2bOc2kQA3ZNeONPvArLqocnji10g4-YXAdKlSJ3gbyvR_D6NjAnRHdRt6_D1VIjIEZhDH52Uqky4dHsHaa7IdBrxZP4PkvljwJYa4z2nWzidCBSSQjLn5X5cWj6ipWKNBPCWR8kPL554iF1E0CMdnFMbo9dJpLq40tlpts2jM1-JuY6Yts1dcrtiYD1htEjnLzw8tXEjn_x5v1gFw6njTmUkjGjn0sB0pbNEP2bnXPnhtXSiwCkRlnbTvnHeucLOMPn7ARzxZ0BLXXN6vOTe2fKfhaNMQGhgHcdnQOhvsHQbLRN3aZzs3rAkxXbmv5BafoGxgZnmuX5yQJpYIXY4MDln7cg-jrgTKW7PKc4OsmhEYx7vxj4FiK9GBtqiy-3Xj3zJF2sK&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fgo284.a7bbab.com%2F&ds=l&xdt=1&iif=1&cor=17268013060971102000&adk=3944675600&idt=170&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:28:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 721B 29 KB
11 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 03:14:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C316
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
17ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Thu, 02 Mar 2023 15:16:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 300x250.html Show response
s0.2mdn.net/sadbundle/1877853678581317632/ Frame 9B8B 47 KB
12 KB 72ms
72ms Document
text/html 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a401c66fb3b65c020914fdf807f6339a6da088d69b64105bdcae417a2da86b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Fri, 01 Mar 2024 15:16:03 GMT
last-modified: Wed, 15 Feb 2023 15:45:25 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B7CA 0
0 164ms
64ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0Q7oqWcns5hjYwvZYFI9OgIKx3e9aHV9cF1IQXdBCRteokJj2QKIEchq9A1TSvYtrtGVY22hXT6iZbcSTtf8-jIAh-f-8LokljgW1O35H3aDzNU9ostaxh2TfreRl3tXoMljovNvLxOLe59rkW_TbHeMeEYs4ORSIbfBnfnAjuzjpO3TntNT1rCofMvia2Wmw5dzC8t3RXTxtL6LYCZwc9UYTLR9kf84FJyy9ktVynD5L2Repb8-H_7_KWjfjRjnvXMXifq-X2ReJW9bcSFX36IpCyCy6j4t0Wi1HheqT7FxfPBFO7wxC2D4jOrm9efutWL_jc68bNrBUTHauhPkV3qu_VbUPdA6oHhyW2n97kHnxkVbRLvBLPr4OB-Pr_tgJm7_vBgQ-fk3tP3R2ojw_ewZVCft-iITvcqzkDBDnezSf8lJ75sEl2JiuzB4331cQQ2qa2IUscqkPb7D2A7UKVQTVwZZeYMmKOFzbOEcTVwY5yk28dol9nf69dpL7Rsv9-L4rKKQpZCGLdd0xDrXOpWktjeh8WkCdaDP8L_4WaiXZCFfADSd8HUzsnvphmtI0Bi5Zd0EltVPGBcbcf0PXhUjuDV5oUDeV80-bhPOnd_l9UJBUS6Z3-giqWKtuS6S4qxGSJwNBxKKR-WPmeTVGq6b58FqkF8iiZYAD8gPoud-Dz7agY04c5wKjAd_lUZYlLz2TJK1wxWwIOfZ8OvEQckXfk9eyJNZ2-thchn0mwlKYmZsQLj-K9zKSZ4WqSmkdVXLXyvMbpxlWItqrWFmctjHU7Uk-ERV8e8yp5qOzVnIWDvHYzhUh3TBdSb5RdnG7IXpjMOOO8gNn-HHviOdB5-FGzgH0g8yMkXFMaMLExwYeILdoGhlrH8xCDUmrJsPbrljFPF0LSh00YE8l0vCZpmhNDznxGlhmmrviD2nduoDvOuQS2_IzKH07_bA6HqY2ozQmMttGMArS6FChdckE0wRlGAOo9uxUWcJDS5K5Xvb1f5Or3sTlgqlixqZoDO_2EqNjTYpBGqP_4NtcrYjwXCP-xda18QYDamvLuKKfddZR5eVSGpjeQtMEB0Hvha5GeqZbARBm_8Fr_0_rDXotRUjDPkJs-eBQABr7rXlYaCGHE95EIuZwg3IuuICMNW1v3iE_XOZ_-Yd1OyFivvFLy96TP6-eGlwTAJfBxzq1yvjzkryu5Y8YZamH4Q7XiR59XRNIIPNF5lhzXuRa7nuwfMPTWFmuxEFW&sai=AMfl-YRIMQ5pSk0zuGiIU_-0fDd29NTSRQ73wCqQsdU8H6IBVrx1gHmK-Dt9JBOIjgiXfq_NOVTA_N-ciHE0DWQu54PVo0_TnMsE_Tu55ldl_WyzgCcS_BU4m-P75HAs8iQHCwoqD3oysQEB1tp11L1e5XhCifHmIDiPGoYZIS8j0Totvl-3KFpcVes9QL8hUneYQpHcstiajGcqcU9Pa_qzJn1dh8mQ0XM7FmELbRwqmHJ48UNjct6wf5BqutWbgMOcYPud0O7cUxZ0HauJS9I7TLI3IOm9TY6_LsCw&sig=Cg0ArKJSzPL8RH1nXgNDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&cbvp=1&cstd=305&cisv=r20230227.58115&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H2 200 11511067997578104778
s0.2mdn.net/simgad/ Frame 3E83 338 KB
338 KB 33ms
33ms Image
image/jpeg 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11511067997578104778?w=400&h=209

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6262425fa81b28fd982c3465b4b672fa09928d2e1ac4e14a69d2e55ad5987ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:11:10 GMT
x-content-type-options: nosniff
age: 14693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345900
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 12:25:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Mar 2024 11:11:10 GMT

GET
DATA 200
OK truncated
/ Frame 3E83 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10621337453297742338/ Frame 3E83 5 KB
5 KB 24ms
24ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10621337453297742338/14763004658117789537?w=400&h=209

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fac8a860f385a189ff78ee544b8a324078af750f3f04e661c13f56adb67d717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:33:48 GMT
x-content-type-options: nosniff
age: 585735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4966
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 06:04:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 20:33:48 GMT

GET
H2 200 4724221002248719606
s0.2mdn.net/simgad/ Frame 3E83 125 KB
125 KB 23ms
23ms Image
image/jpeg 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4724221002248719606?w=400&h=209

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a4164f5ac9e3d246b08b0f0f24a22ec4e211bcc73a5205ee5ca1cd38cb287c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 10:18:32 GMT
x-content-type-options: nosniff
age: 104251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128211
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 15:39:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 10:18:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B7CA 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:11:58 GMT

GET
DATA 200
OK truncated
/ Frame B7CA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f26ec6e81079d30443381e0ea9e448f3bfa29a96577d3cbbaad4c476819c44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/10596822557170597888/ Frame 93DA 47 KB
12 KB 58ms
54ms Document
text/html 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fb600b02fc75812932069a9f79b2132dffbca1cd735dd8f8613d0f2850046d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Fri, 01 Mar 2024 15:16:03 GMT
last-modified: Wed, 15 Feb 2023 15:46:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ABA4 0
0 111ms
65ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssL-lsQCcEn63nnsh5_tozbNsn6eAhV4zbWjsu48pcYL2dzgiAQ0mEj7BYjLhxb14B8Hg9Oy9ZguatfNhgyK4ZOt8_6cDhvuIWV39Aq9hDh7bnjEF4HIQ8x8-F6ujlXnfRxlyAbOygfDmvceRFlPuJQ6_cxYGNQ4Gg9Bp939puWIK3q8pCJi8GI8vzudNvdErfwNFC7iHdq3aSKr0tT-uappw4sXZ96p1QE6KxURkDABDxCOtxVJLcQYz4EvA_v-ZJHqv7P9TmIQ6Lgz09bOh8PjgaNuHTUIZfVkQS4T4FkPPb3plTCY1f31aFmvTu7pB66yyeRhGaOeL78KGqdrXrJXYf83Vvd3OyWFmkOyXE_c3c-oX-WZeGRYDGJoZ9FDt1-9C_GvphS0RJb_mgoLQdXdYzs70tKToQSWHUAsEomOj8oqovywxFLBs-SuTM3a8VSu7CCMFUrSPrMdAWygbvDJPFn0e_rm99aKLoRMivyfrhV5GHWi-ZVJQngY7B_YMYBeSWP5POsEHEC1CGJQeeAlxjNf-bYIqsgFRv7fH6UAjVIuxXyNoSYBjIVC8GQuu1-S1AkYSElu9J58JusZIEuqIhwAj1CkKK6wLASRA2g7DJe9SSs7MpJoqGtHX7AFsz0qB7Wv4jRiBplex33WcNDfusMIt6DDtooSIP3jRoo3kmSX0SPzu7Pw9-5mP1S6wrgIk15JfYtTMvtNPKpRgTADPbI9KtNG_8Rqh9OOtP_6PpLyk35KY7HeIjRyhTq-4dsYXYoUzpkvEjly5MPYBixobFv-WhuDlo6stkdcPHp8OD7tXam5w5Ba-nVtxAEYK9MGEAjqwljQeLUPJFrMviClMIwkEbnCmwmRydWGWj8yjOhfkI-KONxYezle6-BUtaeJyJaP_WzmUQ8MtdLZwCzcMd8KWyr82zHWraKRxh023b_UTBK_v3JYrWoproLUk9mqQQ0P1g5MK_5sjhXDm64Mlb8zyTuMaaiTVMC_ZEZYr-TBrbfIygJOTIW9C4oKTUsnxjDh0bQJdDrTBA-DYqSh_sqYKCzm_3rSmhS5AixgKLdKIP-kwU5rnFRxfUekGNq26LYCejgA2RoeifAOKQ1K_SJ4VuRUi9redDwkrjklfGZ82qyALTQMpszDtU9ntaOVxpwMf52yvXSjxDHKxevOwrrsP7lt2sdYazYZZ1HWrfLJPFTYsK5imxOPqAHEYkAPknbk0oxaFkgDmoz3lZKOJC9Ve8FZ-EjTDB6dEm&sai=AMfl-YRyKOCkPlz-jwYeo2leABsjuzolJgGYBdU1bBo9rR__tGqHh8XuGqW_wY12WLzR1gfWMcsaKyp4-AtzU0Mi8MuyIM4ULo7YANwjezx7fct9tkT5MuMWtCpETChknVdz2nL0XzUb75HkbrDyp4TBPfqBDQFgmlSm5CONcLRzvF-pL0QE-_U6v_xYkldeberMCks5pintxuPWRmgYo6NFqVqKcgs_8Ijdpx9iv0RhuEJhJjOiCvSCUH8LPgCVJxRIsNPU1KCYsYb3XYsb33auMJIgfnkTrLrzN-Ok&sig=Cg0ArKJSzNPLB_Y7caIIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=133&cbvp=1&cstd=129&cisv=r20230227.40953&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ABA4 41 KB
15 KB 25ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:11:58 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16001861909770560963/ Frame 3E83 13 KB
13 KB 72ms
71ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16001861909770560963/14763004658117789537?w=400&h=209

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb2153f1a19a7c3d70f486b107ef64a0e71074948d61bc96743b4e72abf1e586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13542
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 02:13:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 15:16:03 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10261299905892908868/ Frame 3E83 14 KB
14 KB 24ms
21ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10261299905892908868/14763004658117789537?w=400&h=209

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c1fe157530c133fc49ee2c2ec7cb771cac6269c17f367ace97f72c13cde23a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 08:03:56 GMT
x-content-type-options: nosniff
age: 112327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14030
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 00:42:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 08:03:56 GMT

GET
H2 200 2086092464041056419_9445831905889675350.gif
static.doubleclick.net/dynamic/5/413907909/ Frame 3E83 43 B
569 B 83ms
9ms Image
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/413907909/2086092464041056419_9445831905889675350.gif

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 06:45:32 GMT
x-content-type-options: nosniff
age: 289831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 11:01:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 06:45:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E83 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COJjDsr0AZKuDNNiU7_UPotGNsAzE7KrtbqiO7p7hEOK364KeNRABIKzHux5glcqogrAHoAHR0NDJAsgBBqkCri_P9q_OsT6oAwGqBNwBT9D7K6tqBOMXab-5eSpGstha9Cn6N1lFnRA03sN-AxR9UMcUqOrFW_ifE5hvGWhlFIzW4pnHyj-9bDUqeLGtGWZuZ9dXGGkhIN3BvkGaoC_EZNLUH-jLYRKTvhi4aSIMGrJopTQKlmTQWO75vBSUkkdqOgMUZPRZId1RXi81_--zVn0ZBHM5OHk56LfV_HPIhITh6z0R-7BoWA-PNJlEdE73V4rzffgQfvc79AhtK9E_ZuVXlxMkxqEgFtFr4bGH3p8jRN1qjrl4Td0izJatmlTLl9BPDVTD634ewsAE47CkzpgE4AQDiAX509vpRpIFBggDEAUYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHl6-vtgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCrsAUYzbHW3wHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATgPu1EsgTp-66CNATANgTDdgUAdAVAYAXAbIXHgocCAASFHB1Yi0xMTA2NzQwNzg5MDg5NDM3GMKbIg&sigh=E1MDis4yww4&uach_m=[UACH]&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&template_id=509&vt=10
Requested by: Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E83 0
0 57ms
54ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1uyrsr0AZK2DNNiU7_UPotGNsAzSz-W1buLZjLyMEc-rhe_dHBABIKzHux5glcqogrAHoAH557juAsgBBqkCri_P9q_OsT6oAwGqBOEBT9A8CH1sabNXyobnvimQ7cg10XF129u1OW4bq_TNNc-Qojpn8n25XGuk2MAKpRI14zs0TtadVbxfsO-SFJjxTCHNhk0zY58KEvnYxXyA6amzg4FfRtRm5AdNbaD3Nr0Gw8TU3QWZmxHs3suXjNBrWA6RXvTs-4g3IKdM3sKyfOvnjzMBqXWAU3z57rgd3JDN_2BBypZiIMPmlDmrW2ifComCWhgLN-Q4RT2zFf-LjgguUU-qDEsPeAxNSNPRRRiWZw6YY9bsWOcjLGf1B8blOZwFML23X3yme4c0tTHnrKLvwATy3ujnpwTgBAOIBcCygOhIkgUGCAMQARgBkgUGCBsQAhgBkgULCCIQAxgBSLXeqwGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB--Xx5EBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQ4p8BGN_Rkd4B0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGwE5jE3RHIE-yg6t8D0BMA2BMKiBQD2BQB0BUBgBcBshceChwIABIUcHViLTExMDY3NDA3ODkwODk0MzcYwpsi6BcE&sigh=n5LlCvvhNfQ&uach_m=[UACH]&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&template_id=509&vt=10
Requested by: Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3E83 42 B
63 B 41ms
37ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5A4l7GLhCTswRyMKtKC-TCgxDIbEawMvpdJsmoIRC0JqQJAOyQYYKmtkA0j9hW3ZQ4W6ss2qG62RKoOVwe3HdRt_hOWnPU38bKEpDixwpKm-Q5e4v27fc60bQabZehwXXLbtoMQCk3A07Y-UyIULV2uInAg&dbm_d=AKAmf-DyvPzqQQ5vj2qKU0_TMfnDLaYjb8C_UWfgpN9TmopeycLMblzghvN8RSLpMlh_AFrF-3GB1k3Q8sbRFVDHVtSSdETh45lqsvx89_Xyjq4pKiRc7l3Ne7G4O1-j7hJVDnOCaggOMvy4wBSgTr6SZgCMp3Pscva23jxhNGUwnNZ66G0YWiUuhXqncqqfufCKBAg-RErQaRS7n0O3HD5AQeSN0jZXo4-EntDbKNjgh0VXooETvONWCgZ-SOujCDHZzwVFHXrhv8O3514Sd3e2Ns87IzRi-0og9JCgH2DAxJ4yjZwNrUishVuUhml1LivszsRtnWJcqafFDaIUAJowI1idYweOGQEcZrovFgJ-ZMV6PAylO7hd0fIaNG5DLh0W7HqZNeCBDV4lNjCXy4zG2d2_AhjR967pPrPmJwqjN4r6l-IcvRHic6UZATzFL8CjYFoSOv6layrgMzafspU7uBCrL-R0EiEQ2pyJAtpS5Ie4MthyxDqCYuD50uPjtzZfo9seQH3PIlwMYRYxnlS2X1HXKy7U2V5y3X0HiZ00-DwrbJyRixn4gFAbioFoBsoi0l6-zGlMAgkrTUjPYEDMHtwWF4yONX9zgU90TtoBWd4V5BoOcU8eTxnsSQjbqvEg9rhvxll9tqX1QQ7_8tN8rjYv2qeJkLfNutxngAFIXE9TCF8DPrC5kd3O_hIeW5AhKgS_4I3MJ3NdtXw74MdvQjGseG_Wdg_IZywqME3EoVY-K0KaIy4YrLH3_kzqE3VhIVBMnb7zknH40bWpebFf3jsj_FLuSXpacDBn2KacVQSpQ4WK5rK6HYcm78t7YobmrRcOk0629SydV_CSYRSDidcgpzB2AZKo52oxN1B1KcqqLiufr9oBfE1Sl2MVej0dzjnZKNwAoe6nK7QG20cun_w2XQu-z__SXX_5qsypcbpn9JNoPP_R6tFgd9m5RW2RpIhBbmg-EV6QmdwbzG0qdssPfr6KLwlfiXTrl1lbmP9HXwURy0UXIsCw1GTuaB25AVHPWLIIIhT1UlqNWi9OzGqLYFhqShaSBsVg1ctiokJSs8PhpW4aIhCjb8-fQjW6LBUXO62zVEpkMC-EjrrqabmPdp0Al9LaKuBzu-yBpByKsYfGPQXQbTPpibmczcAnsBg6EWMOnwyLybY-BiJmO0uvoGGU-Z_VczD8c-XtAnH0_vwrB2SygOr-v4L-w3K1OJDGi5qpL6xwgDDJ9hxVbCYanVhvA-pGG45PUUS441XDZFM1x7TibI81E9GHPD81RrkXnp4YiDNmya24w8OSCtb1tsBybAhRtC6YG2HaygJbCt1gZ87iyevoha6q1GuhsdbEmwH5hxH7LY3P_aihB7Q_PN1at3zNNuhmhUcEi_PG7ryGP_x30IlnlqDomlTE2PVVR1pEdzSxG92qBrYrTrlhDHreIdasfW3gNEpVdzX9GwDIsBxuiAcfmDiTg8hibzBZ09FrqibxwfQ0zl4D9RUwudVpqXk8PxWsocOzCsU9aDYbukSpzUgz-62vXfodsRcclxJM08vqctQTuscrnC1xVmgaOXjWVTD-6xWsmqxBxvmBX3pm4gzKAsNCz4s-c8Fqqd_9OWpjZ4x1qirKO1mCWrTCbVnbw8GCfVgY43iJxTIWoL-C0O0VKes9lUHCEvKbYafGC40n8u_3PwymwhjhHtMXcgX31e0wnyrjm9o-b8PLP74ApoPZ3dtbfCqR4fyzDnlON-WFuL1INjYYo3opUA-TtstdQD0RC1efD3Ip83JBPwN5zxvhGzkUEbaD8NlZJw_bzgWOadRQP5BtOu8H7ctA0spma8IMhnijXGUFLSnACMDBzNKtCB4rVkQ3kkBBoE4FBTumDoNv4ZLuniAzOQH4qTyRuXFKrPxUKK33iqEhRkk00ByDnz679_9fVWCWphHHCV16rgJZtIQ3afynu515tuSh1rBM9juouYyrVr79fZTH7wGr0Wtn9jyksb9_CwT3JkJ_E1wnBPT4MRJzSAJA-0UBDozM0sprxaWjjAkSkbm2usi_hUlQPgK4gd6GDT1LfB6GM90I3ee8vpaXNRyJnZFWlkIWbXsvWNTeZWSi4rVYQvULPadBOMVj0kwF9tPHYsSAxR1qFSZKuuah_ElvYnUWrZGRX4mIogEU99CYrkrI0wX9L0BG9Nx4i3s26Kun07H0H7KN08uh4fAAd-5ERDw3k1W6Yaccwo3NXL2qfQVap51i7_WNdIh5iEYhG72Xk0ds3gw3hYcp31HEmwMc1mFBvfvU60oyb6qMhLl1H4u2gw2rQanpOKSvzp2dXKT--0PW35gjCoCPEh28dPtJcVLz-bnR2lMeP_d2fmrizcpoIMXrWpoPntoeL0wBBw78P7XeqqQlFkabZzyCZQEquwoFgVvWp19R7DT6lEr0-FbSzRl3UQ9-BCOUZRjxlCSr6SqvFd7DLeri5AsboXkZXVFGHHZn5VZtVv9u5i-Yc_l_4dG8THmqXSblE8VqJWyEWTfN0Jetd5jD1uTJ16c5JbWkTDLs8r9iWJ6Ibq83eC6Oq9MVePFNg8istKS9shhiWJUGHltuMXNwoXi0xDaIt-m1kx0GIJZaDKnpo8E6IM0b6Z4dfqOEyks93BHg1trTt7_F5G16oRkhB6EyB9pDlM4udcEIl81MBNPcm3-SnqBBKBXk2KOjvih3JIDNyZDrSDF-TAjEgMxbg2_acCXwZJF8zBglIZrr_ILeePmrMInuXb1Vd_PXd7krwoc6L03L4Dk6fej2Z3gd-pjiplQrdR4o-2kIKMMa3vqLBb-qFVvpmsl8L6MyQGshkcNrjMqOIY28KT76itiZhLtlQwCCkvQrF3_DMenZwb1CJL15jmRfZlwXNMgtoAVd1VZdYyBPnlpjIyuSzlYTLIhc8f13tR6LOn_2QV8qPCWKY57KzyXeG9aFeoOUz5EOFQcuAlqYMnuRIfiDIkBtYMc67DhpT6sRQM6tOCUjTQb-DIyaxCDJyxwWhY7dsmQjLVxls0_q9IqFEQjxQiK047EdymBIFxSFKzQXAU-7gWkg9bEGzdUbLjXnq7_U1s4FgX79SvaEzQ04t6_lgpC_p1VeDIhZ4Em3FUJkT1li8QfBS0lfIAwdTQq-jEauMNnyw4K_ynIUg0ziEyR9MJ9Txky8DMIcarV_YYbqb2Q4Toxmn2Tz3QyX6KKp97eF-MLJ0x7WBry86DIq1vXN_WbIPZL2Zfx-iEOg9jncWlJX0lt_BjeHWLB2aCJuPjk0pMEMEyBZ118f6T31DtD-jn9OxRKxdtnNbZu7bmJnnH7G-6VE6jDEtiLEqWnxi4CtdU8MEed7jMcnGbEclo0etXq0Gxk904nM8jT-Rb65ojdRYwoI4I_bd6DoyLwyKocu9j4cyexVx-jfWfK6puv-mYlPURLCMWH02LQcMKwYSUgj9YwjyoqsIxxEUBv2xHdrJTDaapv5zBlpewlZk_RneurJJ86KhFSDleEoR1m6fqfP2AUnpJ4l0ac1JhA8bAjZTgyhWxyNFEsO26Bm7PR_3mx1y7-bg71YYGJwW18HTqGrMG2hsUEXXoSJCZPz04WRF7j5fTdq43pJs_PV3udSE5K2wnZ1EllnI38uIqil7X0Ap1wMw2_dsOTngaE8COrWxn5Z2iCv6I2iyHVksn1-vI8kgToKaO4yF7ZuugPWs8sg7EDWriYoYtL4Qf7i_k3BfBPutLtCCnVuYlG1hsyKB6CEiot287JI1Yhs7vOL-5BQFuUJrebYi1KbSHAWSDlKZT1bwqZ80Oph6S1yjW75VaWQoh0tkG3eh2WvyR4LSxT4xpV2lGIjAFzvBG3h6usjF0Bwukn9CTj2SHvLdVfJmw0C7P09zs2MZdRlhfpAkRrPaRMbrqx3dbHY5Na_CRrV-O_mnaEAPCjt68sWSWyBejvgHYP_MIdHsvW-Ys20kF9--r3RJKJYIg6fzBiIShALqz8OTArB88sxAtAhQ6Da5XjAdN46iZ1M_nph3QK1y_LIqG68ekdkG2hLmW2JPUFWonXUTdt1on6x0Q64kQWKoXRs9MO5dpAgYYNnLJpXiScN4tf3O0biHpBylqzZHwk-4kN2qYrsL3yo8SjthkXN3RRg0_FmHsKCk_7WrjP809JnY8tzYZ0a311dQ81tecsT1Ft-t3JaDWI8CeE5JLKqfhWITSe_m87ABqJeeM_QnwnE8I6i3y-uaF5rT8Pcz0t9GbLHQvLvw87g8VO2RJBtq_Ll0XNLpR78sub2iAhApH2oAUz5O1XpvJ7qjD3ZfgOFYL-NGprNjRSy-9axpIelgujR0yVoqo3ujZsPPjBEmtKVC-TQye9G60Wyyz17pPcXdPfIdRiX7hnk3BIg7bIcKfB1wgDi2K5mIQ_OkQ1yUvI4rL6vgcM1Kjx8sW3fJGzUVIgowHZRBX_emF668ctUs5ogpXZUtCBvuKd5eRcxOrtCZlWVX0fE4dtsPD48VZ_DaWIMWHgMu1KcAKqgoEDlcXMetW-kl88s5-FLvA4P_-xW8LnSEzLy4t0S2zpwchabTr8Z19Ogbe20EWneDnLVvuByNZtx_mulUplk_o1PrHlf0T80kHrPNk81Fb_5aFT_iAVlUu38fFqfg6nnguaptwU156BkdxsIvxOo4Rxquuhgh8oa2OqxZmtNIDyHg7fuNPTxTACaQ-qsvcJMOXh9dyhAqtC2JC5xo1YFMSyyQFRF-tct0cSOgS7BMIZa3o_wM7S7oeSiL_WBgRcE7br5lw7AMzve0rjONdV605h25L5JoOjdoXFfz4LWhtBhEmNPCYmTKdyGc1QX6ESncsEmOrk3drL7DDETxA&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&dc_exteid=1142263471132346726&dc_pubid=4

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E83 0
0 64ms
61ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwH2ssr0AZKyDNNiU7_UPotGNsAyjjbmfb8OBvpWaEbqj0MT9OBABIKzHux5glcqogrAHoAGk3ZqLA8gBBuACAKgDAcgDmwSqBLMDT9AhX6NSeeAP0N98uChSB6hhiI32ehYN3oPEtF3wrc6BzbIcvuz1o9zNRN07XqFjJuGiwLjcEfZgLHybRmlElYrZRYyes3DLFBzGzfnLEmIEU8NtKGYoXkHvcyMpiFfUOEo7OzH9IpXKdYrD5nfQvmBTjlwAQbE4K5GSa_LufjfTivr8_eSg6uqc_eI56Rh0UXqJCv0RxmXKmTr1MPluRoloHoWwgU92h9RkrfVkZrhqupAQeyaHlO3mHAcFnbsVA763Xa_MD6ZA6GK8a4rP9VVqHv-_iztg9Lm0K7defS6Su3ZC3YthGmISsItasFKDZO-AHFYz1gXL8y2QMHbC5oIT_gB3ibmCHFpzW7Pu85luWpn4zU3un_kLuJej8uFbXfOKI88PgerettllBTmXLeX_Vd0RRhjWr9DeQlyI-yzVkNrSTfxDNzJTvci9-SoaojMtUMmLD_sgzWqO7iV8zKfoqIdfPLRjvCz_WRVmOW0a3c100xTjxQEJ0WbYI6KV8e4ASqNmpC9k2q4DmpDLxNrZo4-sSmn2Ba-kd3J55uPpRXn1o736kHBVc9mjtEsNfL5OwATD2bC7oQTgBAGSBQQIBBgBkgUECAUYBKAGN4AHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM6HAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTExMDY3NDA3ODkwODk0MzcYwpsi&sigh=behNgtUXvSI&uach_m=[UACH]&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&template_id=492
Requested by: Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3E83 42 B
63 B 44ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRJmS2M0gjiPE2mXeWBUxRfXLwn8nnxyZZUsz5R4xtAeFcZSJIguDlNbkW8qjy-AALIwA3FxqS1P0h2YgH-W52SgmoTPaiWntYrD5AApWnVVmUvclAYvEMtm7HuPHudbNNhSYj35--HpybJSEEl7fI_43Qnot7r9C-EJIPGQrzZRXGIkU&cry=1&dbm_d=AKAmf-BMCKveJtng4BKzWd9R4U_7shHom_ihGLBCDQ0rphZcDxP75-NwSIxx01K36qiQkXBQ1bQFV8_ddWR-2ItPmZFQUANEOiw2_IxzR-yx5IwBk6hnywUh3Be-LeODCFupSvEEPPwLpm1_FeWegTWuy793FgNyyTEOqXnWf27p2JToc_H0SYsEnd9eSvw3Ct8fZOualrhc3BS2Pooh2TIAfWbStcwWMyd_VOSyxAJoVKK9NA2CnVAWGDF6-Pw602xa9dlxEDXo_xhGwnRCQ_CNoT3R0z8fuVCFs1NGfoCwK-EpQaJ2vhOh0W-RqBLBB4bJUuAB3kLUuzx0fCEir6OTEubyenfZtnBDfW7YfJN6mnUzWCTJrejeVVE9mX6sVZpXDDSf9U3vNTFvGIaXMPBfB-YCbNnoVv1L1I2jNWqQQi34tJKjTqUiqKIv3RDOMmhDC3VFsr95xp1eIXbu1ffV45xQaeuQVYYonljGyKojKJ7U8L7rOOgxx9ng8NxTN6ezj-2xdkoJ888hUGaYo9ZeDQqxRce3mOCQV6GmAp0ZwBoGzIwPi78vmiTvCZcTZ3m4Z8YIEWFDc4Q-mmewaie656PgHyDE9gxd0xMcXa5iuxT4pTbGC5Desgz_XSRcvPE9aY_rufJE2hNzNubklDPaVrbJsbDY8naVoD1Yum3vZBsIw47bfGONTYheQPfnnShyu0gw_kgp_Qvx1rm9KR-AnS9Gum43rmnkO12MfU1rlqVl6LNWbWb6qa3_0rTCINMPk8urchPtaf_8yexruzoRDU0sfsrMkZ3XbiaF3LKGGtbGRHBhP0VdYk2b2FE58ckTWnUPx6lmYKIo5nym4mxuZSiF7b1U97nJwGHCIf8gE-5qM-e8ghs09G9uNjJGcaBJgSZeVAslamY1WyQyyMsJmcoEyJUWKVx7wDoMmOlBgUMsvR04Jkn30CdB4C0zmyuVf6xAIl-jBg4H6OAT6DvI7-WgZE4-zxcABSgzvZSoiOi5EeEtdQa9sB_8MF9DL-ZGWwxhKadCDeQ4PIN3dC1NxLUg0SINupzPAV2TtzXrLBXld2Eex1fd2KaJevbojtPtrEfsOTMl-mlqDmVyo3ne5y9pq6sWlhNpp21WccyVxdHB9E_a3RAJNl8Y-8ohItMQxGW1CMB2uCuLi6xm5vabgu5DdhPrSXIHR3ONHKUQirQmKq8xWe2-DyDnQyfj9L9DvC94OLFRQkk1YWC2pFhU40a4fjHs--N5KL7i_BxSDuWERQcwcnPpLP_D_pNUhmOqSouA2c-XZ28fRW7euC0pHWiA9UuINWQP87kw258QjO9LnOTeoOvbLf1Z19NpCmdYvwY_jLOOaWh_KCdDRT7yXe_iSD7utPmPRS6qK4kengk2KlCTk1XYaum9puptFIJrcoOvhC1mjYVApb3kOGJ5wGT3kyrc__GLko7VkTu2dzq18MsM7hEacYr6Im3mVHSTgdPUNyAaYxcq2DMVWYcco0oamN1cuUGtWn_564PMLNORiLS1kttOuyG_ekAn1-coCqh3oRcxZPpkr_9KTf8HHL4MTRItuGtg1JzKWMJ4EcOJW_-cK4TSjOmGa4G3ObMClkrk1Hsp9omPE87Pr7T0uie1YHXDP9Kzx_IKQqj0aTwKF4EJK1tPFMbhAC4c-Z9VFwuvIsaMgrasP9Pf4nXvy6OuPHaGGjHmCrSRIxAHXLlPF9oTJbbvgbpC0flDKIFmrRibnlfi7QUFqYwEqWU20BOSpL59uFAj9Ukga58T5w-hjaCR6Y2uegcFgoin-vSQ-quvJJehFNYhK3Hi2xe8zrqh8BDBNlgZbyVOvcZnpNN5N_hPqE6HhyrlUBCIOHskYMBvHnMDtxMzcWLGgSTiY3eBO9OhFd1BiMnAEqbFJ-nY2MVOWRB306pIUzmJX1R80kCakJ-RI8tJuxGymR0lg-NNF3R14pDcAVln561EuR8VaEVVOOu_aYuYg_ccFQvNfx3u8tp2LdTb23sjnxSBhKus2Y8vkDduazfVodtguBTDptmNg9dvvU60qnwYvQ2g2F6-z26hxSd7aThLhuHeT51u6YONmZG7UKTFS9f4uztw5NGZ8JBi5aQnt-P7CuJcLZ9AYsPCfjXHwjuB65C6xcPRCsLK5esgvrho5z4tyJ899_hEyYbwaQTi2DQw0OsoqirWeBVNlr--CN5liSH4_9ivaO7ZIt_VR-nwsLm4Jzh74j20oekQpXS2Z8WvdR5S9h5TRfhu9VXP4hKF1mmHKyKuECE-4fi4tmN1ALnAE46AaVFIIzqRDr0EzhRr8at9wAuh6HbdHd7zk54mNE_6gIYTj5DlI8t3r2O1S_iLkMNfQg6jv3E_KG-beChK6ZZ1RkOqi1Gei-tqhDN0xLFr0Gnyq9PBIhLdG_WuYvFNxrZgLnYn4VjIppwMcAzYxS4aUbujxNphy6Fvqy06nbSLdech5_xMhizcSGeKlpvVe_U48kfiXsXHDMcRwukPmy71ekaqV9hB4qxmGCCkjk63YzIpDxPPIXiyJnnp8xXytYeAXBMQKosfn4i1YVZBAMyzP1WZWsVrBGhfQUfc9_XxkguMqoGF3ojPqEZxtBzC2Z7c8XWHcEjVtMs4jYgA9ZzxbZ01VKt7rXO9246exWjr0EGO2ZejMlOgqLzFMi1lmS-ayNHiL3PCJ6QTkjGYJdcM8SlNYB_vfzlOLm1rzVslFF4p2HoA2vGvSOv81D90G6JKE25kIHaMTQ_1bW8SxG2O2EQ8AyFK2i3zj_mmLuYJVADyI7q2f8-RR4X7jXqNBamT2Iqk3OmzugpwNOm56_K7cHZCFscY_S2Px-r3x1YBqa_XO_cspB7otmE6HGS7v7PAn5KV8cuaJuBBouVPCVdBVpegpkMOu5_5L_YD1J-NxqHT_Ufm5QkAbc1TEzOm1PlDTrZQg9uBybdDx2OFh1at6hECgiQmocTvolhfyNaebx9yGMfz5Wy-rfhHWtXlN61zPWIaIEal3EVzZi_vFUacMAs6NSb_lHqCY1n3oj7zPzgsTWVP0te6dVBReqMdFRUZ2qvRTa62f0wfZg1WpXj-4fWzOZucSyX-RMNW4srGtAMp9VzeKFMewqgr3JRFQVrC3wHYseAi6QBJ3vPHsWuKhrITinTd1lOiQOPqQSav97nUZc19uOs87voPMkjWrLvNK_7qR_SEg9Qc65BdyxUKtfW9XmS7Bz0OmEpXmr_yJcHVZFFDQ_I2pFgVKk_qU9ZUhZM9iPyS_5AMVzmy6Ht4CKwHCtHzpokIJtAFvQX_HEGeGDshpvuWT_JJ0OLXqBEqMr_k-dzLZyGrIiXhJTKZMwiu8yk42fh9sGr_BxTwHma-_ECuO2WYzS4VL13WZ_frFBhBfbGEbCcRysh-twnaB8pWRpHR3Q9gkxrEuuqDlnTOKch2hmxCUj785uJgLsKwKR4ZUnVUFo5sj7qp1XtGroNOPfuS9zxnozpiG6KCPlM7Q9GcbWtV09lR5N_z2jdWqylzMuP79LewOUXOidFWhUCLby_ar5qOEApHMY9JS9gsxpPhGcJ15zfpOl4pZ6NA4jy9KBJVFgWFYSs-Xb-fhRvvNjyMg__0NjhC61e1mVnQMBj2SBI7zdx6J2eqcFzNTDldPFaTkyW22epaT99w8N-OIxe_ILI35_URqBGTwvi9tky6XtNMf-lQ8BOrtfYWa3_PvKOuWdzm6kf2vV11jiNQK1g2RVlaV67tpUezm20AAz4KRyphafLZj3OVP4rJcHLNRBRh_U6knRtoF1O1lVtuzi0GSB_Jgxa4w9kz3uA_vVrfh-ahJKoNqGBYHNLPKFwIX11GM49WYr0JYzK-yo_Zlq5LtiJc4yOmhECBuuEooYvekho-timyCUrDyIgRVBv3X-ACOvQnY9mGMpX1NwCH7xP-_86YfiV_VGDGgct2WEURtYgK_PIKR0xcd4kW_WQYXNs4K5JJv6VZgfifv1zVz0h2DgsgyTkzPQaDcy7Gc1uSPYQenGQ0cHLI86v0N5g42DYFQ65Bmno_fXtCSruBvgK05rDoJNpk4x3v4ri4m20Jp6aePbv5LKIx-LjQl-CID1wxcw4LUqXVnfdC6bYGfojxxXDJf73uceFP2V6afZkmTyGxJeGJ6_1ajP7T_HaWkql8wv9248GWKvZ8R7Sjyy3nx1aNulGIMGqvcd6UFK_W7h5XWbnnnjyHKx_gUpBxzlR1sFDfjiifNRmQaNpb5u8dtwUVOefAp2rSmw1nJnSH7yv35Zmc-dWioD3oMtDrmWh5mZCc-wZjkU3s6je_px1Y36-a3pI-W9152VwAaHjhp0NeqltMawSix6xbnJqWKYSEEeMK98V1eCePxGY84ajBCDlgOUiOmtFSMxmHRYE_D8y2x60llERpWP5paZQtiNmXzK-QmI0R7Jj7-fbzfrrqZRvdQbyHOFDlfg97_ly5L0c2jP63xRCm279C09g0fHoQduH8-ELIFxC54CvAHRVA7rnK10CB-hRkg9lcvuXOhmp2Fmb6xCqfWkb-qxq29x__eR9-oXTJrSdAI2bnloA7aX0WxFqnFMzJr9hzNgHJhzU9AAAXCajVYYF2qrw12nNbvHsStSe0LKIAKXhACnB5h-WWLfj_7jGy9xcPkxOvZbhS-jAiOBK5lLz-lbiEoMP332BPAPtSE9IH2fEMk4f7yyzx1mqxFoExyi7r5AG7SxnpiiuD-0nlfagRRiOq8CrHfoqDIUGAS8CFpMZJ2xnPK6CWiYxurOxUX72_SbuaxrPDEH_dO2wBOL2rEQyvC129hxkPoaB308TmHeyt86RnDsOI9D3PEQfsrcyCRmakla1eOFY6UckuX07oOJ8qBTOJZAKJx2omETIMCg5k_WL4fBYz5MZkwu9JeIJUE_JzjUgDReX7sSfZ961oYjwv-Y5HSMN3vBYR_7s_vtcUhvtXyTyQSJONPLONwj-xoyF30Fos-hkPT-QD8otOI_LVmLMq0FnRY2E8LUXzlP2n9QjptJMpOFXETFHpLDyc8kQwpbmUPxYVUgdyN1h6xn6bgBF4YMJCA6ni0WUKR5lXaUwL&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&dc_exteid=4148593894630585288&dc_pubid=4

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E83 0
0 61ms
58ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClcPZsr0AZK6DNNiU7_UPotGNsAz07o3xaJmgu7n8D9rZHhABIKzHux5glcqogrAHoAGri7aGA8gBBqkCri_P9q_OsT7gAgCoAwHIA5sEqgSrA0_QyUUsNugwW20jzaLiETq4-Q-ct36kFVJXjmUNwOqV9sy2VDtFihZmUyOXWwaGS7-WbDSXGO5bu6wvTeglzRKPnw8y_ycsvueNOrXSdO0QX8Yuyxz26DfcDk8CMBCYIIeXBQ-RWSO-W6Mb0PTl5aKTVOgrk3QP42eUWwQYygb6x0VeIZSdfAFwU-NjzVKIV7Ql9T3-UC-dXAhhPXd_svMgTeOu59styWbtyq_DcMuhg_XVBGD88-l68htBQwXql1w5lSpjG95P0gu14GQSLaxwwNfI7RCUabyEvS-1W-g6hHhtZ3BH5jBxQ60nMMTM9NQupUX2rsuwRbIfmmBRgNAgvEx1IsALxZtdGefkF_V7osgrh_8vhrchugXiIuO_UHOL_yPD3cU_N-gJ8bFVYvuFzyhHvD3VrAUSLdHM72Wq5C4m4UWYXdq0w6yQzzjMvxfHiEEz-sPbGu6xBpj500lMio55A-pNmw1vb-TaDM37ucu8vQjCxIaR3MXasY7p6k4oSlOxadEuCZavlrdPDorNul7MyHKRU1AW4f-a6mG3zjuSeSALk_0_kLbABKvZorX7A-AEAZIFBAgEGAGSBQQIBRgEoAY3gAe99Ml5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ9ErSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi0xMTA2NzQwNzg5MDg5NDM3GMKbIg&sigh=iHYN9Kx6Q9A&uach_m=[UACH]&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&template_id=492
Requested by: Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E83 0
0 58ms
55ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CB82Ksr0AZK-DNNiU7_UPotGNsAysw92Ob6i7hdqsD8CNtwEQASCsx7seYJXKqIKwB6ABguLS1gPIAQapAq4vz_avzrE-4AIAqAMByAObBKoEqwNP0EnmqtJFHair4VH9YvimXQcXyhoJd4u0JUxTYcko0PRj1ok8ECxCZyWrqfxZN9tYbEGdK2-GMjQf8Q67udRRq2ezvTFzm2_EEYWU9lYah0SURetrGs9aSEA1dlpGz3cT_swv4VTUuQ8W7K5qxxwguMqG56pViQlP5j4da-2hndlIkJiH_NpqknmCs7zxcl8PTBQ5roOH7n-Nln4akCeu0x2_6nzaoi0BsjIaXA7lcpVg9nbvaK78o2f82tg8VnQunETVV3fpic8SSHv8dGSHkj171uyiABzh0hxD_YPlAwNC_mUEhyNFFtP8WhpxsRPRpW7rSMa7Ddiz5jdHTcACP1LYYn5h6Or55ZgxoOkd7RLFg_QRMED9I0FSD7yWfA8Tsr6BjgnXfI2_bgCYLS_2ky1ObHv-CO8upjkfUNRsog6iXHF3sb_StuWTN4jCYlwdV6wR0HJg82b2jIXmhZKOqnZupiGNJiY7unQlHPbv_adH9SXro5XjOb3hCqY3IZD3rMLTtlwCFqBy8tcYupljeiOpHNJT6pSQ7Tk6ZoAAzDmQIL23m8TmdisRwASagbD54wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH5p2tKagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDELg50ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw6IFALQFQGAFwGyFx4KHAgAEhRwdWItMTEwNjc0MDc4OTA4OTQzNxjCmyI&sigh=ki5ESoS7l04&uach_m=[UACH]&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&template_id=492
Requested by: Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3E83 0
0 62ms
59ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-xuGsr0AZLCDNNiU7_UPotGNsAyGqueab6Sg-tvGEbnumfqKORABIKzHux5glcqogrAHoAHVlP7HA8gBBqkCri_P9q_OsT7gAgCoAwHIA5sEqgSrA0_QkXkJ_YdGXo19J8d7D41qYjZYGkJ9UrA1MJBWk_AWei1uL1jvuCQN-9GJjsCAFcYO7NhPmuKLwrJUoiRkDflagZLZUsspOx6Z5KJK7jDJQi0vc6H9O7HzQyrnA2ArcRjUnxVCb1YzzTDvrwRQxoq0NINK4HoKsBMwXIaA16PnKq3Jw14Zu8-uq5OTOF60nYKwaLJXkercgnhQ9oqD67X49Bl5OQqCLNoeCyxvCzbRuuBcROlpuwDHlsqFkMDX2MQ7BjzUBS5qfP7jrfk8gAinjj62OWwlgMnqGUmKXRVjacO0j1CHIz5ivIE_q4CORW1cReeqNSmUbLN4iKEi1JdD58txY58OjJVA98ALBU_ZqOH_UYcsr8j4Bo4wnIy9Eeoss9_CFV3SxuGuQ-O6xthJGuAAVpj84LRZrPqgljOR2Ge2Tyc2pcrpPskJDk8kjJPIaqi3MkUfMU_XErnRYxBPheR1Pc9B8yIOER86TVMHfvjn-fPFeU98zvr-HsYDPNQJfdJHvE06NG-2oZ1M1Tcu17JB0zc0v5PUkLALHMVv5-4kBreEe7xePDTABKPwtOuqBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAe8v6kuqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcDEPAu0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwuIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTEwNjc0MDc4OTA4OTQzNxjCmyI&sigh=LrJKBnX_ue8&uach_m=[UACH]&cid=CAQSSwDUE5ymNC7cf6kJ2wIg6KPgWhHivHm5mBs3qe_0zwZaJ4GWabq9P_kR9FLM5_R026AW_KHM-qoPzXAb6OjGl1Sw7JK-H8OSbrwhDxgB&template_id=493
Requested by: Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3E83 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03cea4033e3c7cd780b657462849242110bf27386e8489048ebaac382ae902b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/1877853678581317632/ Frame DE86 47 KB
12 KB 65ms
65ms Document
text/html 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a401c66fb3b65c020914fdf807f6339a6da088d69b64105bdcae417a2da86b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:03 GMT
expires: Fri, 01 Mar 2024 15:16:03 GMT
last-modified: Wed, 15 Feb 2023 15:45:25 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 721B 0
0 71ms
70ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA_cCI2cGSlLj_PwNUpSpnfg63iK8ukaFwL6E2mP6jLygafGkgfQ02HnxK1UPwE57U6yOyao5xagoYHMWJb7pDEzQJwqCRFh6dUYezNFXU-B84g826HXVf3OfkW7pST2uTZybkvaQrMYs9AWXqk_-EAnt1X5f42XXqOUDID4jysEClQCszsA8aajGWMn8sUklcyjsRaEV28_M4OwcycQUE3V1yet2ZJ_Ts2FClamkxmnCkRc25nP3Nc2y41nK7Td7n41A0a0Mn_oOWZRMLEFMB72wMRPWOko2M3vgLtf7zr6qWPx3zihHEjUJjmZzxsT_AdYaLqL-6Y4KUuhk7Ee5rizwrzIqpgQgFahevhe-dBoycxAuc2fQMsPs5HkX0f5x3Koi-5kpD36PZC2Cr6ynJGZqXUvey-i9QqIC5EqJ9IDogqycRQs7BgP8ouArVT2D700DU7xFrr2yZnhYwwa8lmF4xJixH-kYB_qHAuqzcvvxExeKUhs0e5NAGLqeiczWb3y4KLgXh3Hl-sWd_SMZVU_p1QfN095mKK2G83u6BPPbEebqfHa-DEwaOAg6jyoeclH6kb7TliveWeyWeK4XvkiJx44-JHO9SMvjZcD6Vh_dObsmaoKgtVKKdVBZak0lQb51K0PGSrmPtjY6MhX9TrSrSXiFOhn3SIiUbmvkblW96tAvdxbcn4WizHZipTN30rvDWqHo6hOFIYRVXx7EG0gjOUT_bjwn-2tVQix7qEnwIwfAnsnhJpu3vujLzn5x-agpFS4EN91t9acIhSYE5I8xY0G7C8pGaj0UuDR6RTyyrK20jY0eHQXWpbPGDmnV9o_nhXu6hYtKR0awk9_krLU4Vd2MALgT7x6MlgoiaaXqdq70vDMZDyOAUdvAxGgxgwfGJOnIcC1t-reorBI4RAv0ohQlrTuoOamlA6qlJBBDB1NE-Ogd0K9ZhbTwYfrs1SzdN5hBKurdBeKclytEoqOcrbP7Tv56W1paP7ZcPUui1RO5GMZED2kGDMXwXZ_Ij1MDSU8wS5f_HAQhg_xeqEdbuNT74UgQq2-DDpoq-G9G5mDhBor8Jjp7czg114GmDYF7x2b_6Cs7F9twxxKt1MC6NtwnSBdLjVf9SK87N9pjuV1FiJDFXugeYqRtJ3G5jJOdEEWRBZDRvYIdh-EU0uKPnJR2M4jLPrh89yiL28Hy9hI90kkZIGm0m1kEg9XblCQgVIMUjk6MH871hxXWWy67LF2vdCIpkCtLvTQ&sai=AMfl-YQJg7VtaF0YFVwPF_1w2uUbuwplMS2OdACtRbFW6ODknYnIPxl8r3CRxXbGplNMepIYotJPFaT_rMGX2kk7MnvRwUrWuYusuW5ppK6DhyT0Gc_B-8IPat1vr0DcDcwj_giHdwvl6ZWFyZmwH6SHAqL-b2S8dl2sbQNPCE0LJiJ9ZQ7Hyxi_59cnTha553-hjNMRMubybzNsLyVADs7AdCAcaMYC3LOhn8HRuxxYbYfg2LYlNenUcaExleqlttIuSjiRnsy_2GOS1Dn_DcKcEUaSnZJsJp7Hiu5D&sig=Cg0ArKJSzFo-CXvVlwTREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=250&cbvp=1&cstd=247&cisv=r20230227.28273&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 15:16:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9B8B 118 KB
40 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9B8B 63 KB
25 KB 62ms
62ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:16:03 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 93DA 118 KB
40 KB 28ms
28ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 93DA 63 KB
25 KB 85ms
85ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 721B 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
URL: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:11:58 GMT

GET
DATA 200
OK truncated
/ Frame 721B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76895c2535f20793e62edbe2e680a57b406233e185f685502f0e5677b0865196

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7929 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:58 GMT
expires: Fri, 01 Mar 2024 14:11:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2302 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:58 GMT
expires: Fri, 01 Mar 2024 14:11:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame DE86 118 KB
40 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 05:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 05:55:11 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DE86 63 KB
25 KB 61ms
60ms Script
text/javascript 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 089D 22 KB
8 KB 25ms
25ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:58 GMT
expires: Fri, 01 Mar 2024 14:11:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B7CA 0
0 57ms
56ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0Q7oqWcns5hjYwvZYFI9OgIKx3e9aHV9cF1IQXdBCRteokJj2QKIEchq9A1TSvYtrtGVY22hXT6iZbcSTtf8-jIAh-f-8LokljgW1O35H3aDzNU9ostaxh2TfreRl3tXoMljovNvLxOLe59rkW_TbHeMeEYs4ORSIbfBnfnAjuzjpO3TntNT1rCofMvia2Wmw5dzC8t3RXTxtL6LYCZwc9UYTLR9kf84FJyy9ktVynD5L2Repb8-H_7_KWjfjRjnvXMXifq-X2ReJW9bcSFX36IpCyCy6j4t0Wi1HheqT7FxfPBFO7wxC2D4jOrm9efutWL_jc68bNrBUTHauhPkV3qu_VbUPdA6oHhyW2n97kHnxkVbRLvBLPr4OB-Pr_tgJm7_vBgQ-fk3tP3R2ojw_ewZVCft-iITvcqzkDBDnezSf8lJ75sEl2JiuzB4331cQQ2qa2IUscqkPb7D2A7UKVQTVwZZeYMmKOFzbOEcTVwY5yk28dol9nf69dpL7Rsv9-L4rKKQpZCGLdd0xDrXOpWktjeh8WkCdaDP8L_4WaiXZCFfADSd8HUzsnvphmtI0Bi5Zd0EltVPGBcbcf0PXhUjuDV5oUDeV80-bhPOnd_l9UJBUS6Z3-giqWKtuS6S4qxGSJwNBxKKR-WPmeTVGq6b58FqkF8iiZYAD8gPoud-Dz7agY04c5wKjAd_lUZYlLz2TJK1wxWwIOfZ8OvEQckXfk9eyJNZ2-thchn0mwlKYmZsQLj-K9zKSZ4WqSmkdVXLXyvMbpxlWItqrWFmctjHU7Uk-ERV8e8yp5qOzVnIWDvHYzhUh3TBdSb5RdnG7IXpjMOOO8gNn-HHviOdB5-FGzgH0g8yMkXFMaMLExwYeILdoGhlrH8xCDUmrJsPbrljFPF0LSh00YE8l0vCZpmhNDznxGlhmmrviD2nduoDvOuQS2_IzKH07_bA6HqY2ozQmMttGMArS6FChdckE0wRlGAOo9uxUWcJDS5K5Xvb1f5Or3sTlgqlixqZoDO_2EqNjTYpBGqP_4NtcrYjwXCP-xda18QYDamvLuKKfddZR5eVSGpjeQtMEB0Hvha5GeqZbARBm_8Fr_0_rDXotRUjDPkJs-eBQABr7rXlYaCGHE95EIuZwg3IuuICMNW1v3iE_XOZ_-Yd1OyFivvFLy96TP6-eGlwTAJfBxzq1yvjzkryu5Y8YZamH4Q7XiR59XRNIIPNF5lhzXuRa7nuwfMPTWFmuxEFW&sai=AMfl-YRIMQ5pSk0zuGiIU_-0fDd29NTSRQ73wCqQsdU8H6IBVrx1gHmK-Dt9JBOIjgiXfq_NOVTA_N-ciHE0DWQu54PVo0_TnMsE_Tu55ldl_WyzgCcS_BU4m-P75HAs8iQHCwoqD3oysQEB1tp11L1e5XhCifHmIDiPGoYZIS8j0Totvl-3KFpcVes9QL8hUneYQpHcstiajGcqcU9Pa_qzJn1dh8mQ0XM7FmELbRwqmHJ48UNjct6wf5BqutWbgMOcYPud0O7cUxZ0HauJS9I7TLI3IOm9TY6_LsCw&sig=Cg0ArKJSzPL8RH1nXgNDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=626&vt=11&dtpt=314&dett=3&cstd=305&cisv=r20230227.58115&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 8552 1 KB
736 B 143ms
34ms XHR
application/json 2a02:6ea0:f400::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:f400::4 Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-77-pop: zagrebHR
date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 797049
x-77-nzt: AamW8oqHYnL/eSkMAA
x-accel-expires: @1678009915
last-modified: Thu, 09 Feb 2023 09:51:05 GMT
server: CDN77-Turbo
etag: W/"63e4c209-42e"
x-77-nzt-ray: bcd92b1f0d3a5ac7b4bd00646eec9a0e
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7929 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2302 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ABA4 0
0 58ms
57ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssL-lsQCcEn63nnsh5_tozbNsn6eAhV4zbWjsu48pcYL2dzgiAQ0mEj7BYjLhxb14B8Hg9Oy9ZguatfNhgyK4ZOt8_6cDhvuIWV39Aq9hDh7bnjEF4HIQ8x8-F6ujlXnfRxlyAbOygfDmvceRFlPuJQ6_cxYGNQ4Gg9Bp939puWIK3q8pCJi8GI8vzudNvdErfwNFC7iHdq3aSKr0tT-uappw4sXZ96p1QE6KxURkDABDxCOtxVJLcQYz4EvA_v-ZJHqv7P9TmIQ6Lgz09bOh8PjgaNuHTUIZfVkQS4T4FkPPb3plTCY1f31aFmvTu7pB66yyeRhGaOeL78KGqdrXrJXYf83Vvd3OyWFmkOyXE_c3c-oX-WZeGRYDGJoZ9FDt1-9C_GvphS0RJb_mgoLQdXdYzs70tKToQSWHUAsEomOj8oqovywxFLBs-SuTM3a8VSu7CCMFUrSPrMdAWygbvDJPFn0e_rm99aKLoRMivyfrhV5GHWi-ZVJQngY7B_YMYBeSWP5POsEHEC1CGJQeeAlxjNf-bYIqsgFRv7fH6UAjVIuxXyNoSYBjIVC8GQuu1-S1AkYSElu9J58JusZIEuqIhwAj1CkKK6wLASRA2g7DJe9SSs7MpJoqGtHX7AFsz0qB7Wv4jRiBplex33WcNDfusMIt6DDtooSIP3jRoo3kmSX0SPzu7Pw9-5mP1S6wrgIk15JfYtTMvtNPKpRgTADPbI9KtNG_8Rqh9OOtP_6PpLyk35KY7HeIjRyhTq-4dsYXYoUzpkvEjly5MPYBixobFv-WhuDlo6stkdcPHp8OD7tXam5w5Ba-nVtxAEYK9MGEAjqwljQeLUPJFrMviClMIwkEbnCmwmRydWGWj8yjOhfkI-KONxYezle6-BUtaeJyJaP_WzmUQ8MtdLZwCzcMd8KWyr82zHWraKRxh023b_UTBK_v3JYrWoproLUk9mqQQ0P1g5MK_5sjhXDm64Mlb8zyTuMaaiTVMC_ZEZYr-TBrbfIygJOTIW9C4oKTUsnxjDh0bQJdDrTBA-DYqSh_sqYKCzm_3rSmhS5AixgKLdKIP-kwU5rnFRxfUekGNq26LYCejgA2RoeifAOKQ1K_SJ4VuRUi9redDwkrjklfGZ82qyALTQMpszDtU9ntaOVxpwMf52yvXSjxDHKxevOwrrsP7lt2sdYazYZZ1HWrfLJPFTYsK5imxOPqAHEYkAPknbk0oxaFkgDmoz3lZKOJC9Ve8FZ-EjTDB6dEm&sai=AMfl-YRyKOCkPlz-jwYeo2leABsjuzolJgGYBdU1bBo9rR__tGqHh8XuGqW_wY12WLzR1gfWMcsaKyp4-AtzU0Mi8MuyIM4ULo7YANwjezx7fct9tkT5MuMWtCpETChknVdz2nL0XzUb75HkbrDyp4TBPfqBDQFgmlSm5CONcLRzvF-pL0QE-_U6v_xYkldeberMCks5pintxuPWRmgYo6NFqVqKcgs_8Ijdpx9iv0RhuEJhJjOiCvSCUH8LPgCVJxRIsNPU1KCYsYb3XYsb33auMJIgfnkTrLrzN-Ok&sig=Cg0ArKJSzNPLB_Y7caIIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=461&vt=11&dtpt=328&dett=3&cstd=129&cisv=r20230227.40953&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 721B 0
0 58ms
57ms Fetch
image/gif 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuA_cCI2cGSlLj_PwNUpSpnfg63iK8ukaFwL6E2mP6jLygafGkgfQ02HnxK1UPwE57U6yOyao5xagoYHMWJb7pDEzQJwqCRFh6dUYezNFXU-B84g826HXVf3OfkW7pST2uTZybkvaQrMYs9AWXqk_-EAnt1X5f42XXqOUDID4jysEClQCszsA8aajGWMn8sUklcyjsRaEV28_M4OwcycQUE3V1yet2ZJ_Ts2FClamkxmnCkRc25nP3Nc2y41nK7Td7n41A0a0Mn_oOWZRMLEFMB72wMRPWOko2M3vgLtf7zr6qWPx3zihHEjUJjmZzxsT_AdYaLqL-6Y4KUuhk7Ee5rizwrzIqpgQgFahevhe-dBoycxAuc2fQMsPs5HkX0f5x3Koi-5kpD36PZC2Cr6ynJGZqXUvey-i9QqIC5EqJ9IDogqycRQs7BgP8ouArVT2D700DU7xFrr2yZnhYwwa8lmF4xJixH-kYB_qHAuqzcvvxExeKUhs0e5NAGLqeiczWb3y4KLgXh3Hl-sWd_SMZVU_p1QfN095mKK2G83u6BPPbEebqfHa-DEwaOAg6jyoeclH6kb7TliveWeyWeK4XvkiJx44-JHO9SMvjZcD6Vh_dObsmaoKgtVKKdVBZak0lQb51K0PGSrmPtjY6MhX9TrSrSXiFOhn3SIiUbmvkblW96tAvdxbcn4WizHZipTN30rvDWqHo6hOFIYRVXx7EG0gjOUT_bjwn-2tVQix7qEnwIwfAnsnhJpu3vujLzn5x-agpFS4EN91t9acIhSYE5I8xY0G7C8pGaj0UuDR6RTyyrK20jY0eHQXWpbPGDmnV9o_nhXu6hYtKR0awk9_krLU4Vd2MALgT7x6MlgoiaaXqdq70vDMZDyOAUdvAxGgxgwfGJOnIcC1t-reorBI4RAv0ohQlrTuoOamlA6qlJBBDB1NE-Ogd0K9ZhbTwYfrs1SzdN5hBKurdBeKclytEoqOcrbP7Tv56W1paP7ZcPUui1RO5GMZED2kGDMXwXZ_Ij1MDSU8wS5f_HAQhg_xeqEdbuNT74UgQq2-DDpoq-G9G5mDhBor8Jjp7czg114GmDYF7x2b_6Cs7F9twxxKt1MC6NtwnSBdLjVf9SK87N9pjuV1FiJDFXugeYqRtJ3G5jJOdEEWRBZDRvYIdh-EU0uKPnJR2M4jLPrh89yiL28Hy9hI90kkZIGm0m1kEg9XblCQgVIMUjk6MH871hxXWWy67LF2vdCIpkCtLvTQ&sai=AMfl-YQJg7VtaF0YFVwPF_1w2uUbuwplMS2OdACtRbFW6ODknYnIPxl8r3CRxXbGplNMepIYotJPFaT_rMGX2kk7MnvRwUrWuYusuW5ppK6DhyT0Gc_B-8IPat1vr0DcDcwj_giHdwvl6ZWFyZmwH6SHAqL-b2S8dl2sbQNPCE0LJiJ9ZQ7Hyxi_59cnTha553-hjNMRMubybzNsLyVADs7AdCAcaMYC3LOhn8HRuxxYbYfg2LYlNenUcaExleqlttIuSjiRnsy_2GOS1Dn_DcKcEUaSnZJsJp7Hiu5D&sig=Cg0ArKJSzFo-CXvVlwTREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=460&vt=11&dtpt=210&dett=3&cstd=247&cisv=r20230227.28273&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9B8B 47 KB
47 KB 25ms
24ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:15:36 GMT
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:30:36 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9B8B 46 KB
46 KB 28ms
27ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:06:43 GMT
x-content-type-options: nosniff
age: 561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:21:43 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9B8B 8 KB
6 KB 66ms
63ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a7a109eea31a7b04e420c8e2cf2d768dc78f54aa8822bcf794af7698baaa5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5913
x-xss-protection: 0

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9B8B 2 KB
2 KB 56ms
53ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:49 GMT
x-content-type-options: nosniff
age: 7335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 13:13:49 GMT

GET
H3 200 60005582_20230118060841687_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9B8B 40 KB
40 KB 57ms
54ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118060841687_300x250_LOOK-01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18cc6bf18964d1b859721730b411edf0ebcf054ce59fb2e042c10738a5dbee5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:09:54 GMT
x-content-type-options: nosniff
age: 14770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40807
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:08:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:09:54 GMT

GET
H3 200 60005582_20230118060845565_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9B8B 40 KB
40 KB 73ms
71ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118060845565_300x250_LOOK-02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0a79c54fe679d2aadeedf12f2724441b22f15f9f1bb17920a888ed43d198ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:09:54 GMT
x-content-type-options: nosniff
age: 14770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41431
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:08:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:09:54 GMT

GET
H3 200 60005582_20230118060837805_300x250_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9B8B 42 KB
42 KB 65ms
62ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118060837805_300x250_INTRO.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea4fa5242ff72645d861a14ec70b6fdf5cd591073e0f709bf97dd168e6dd6946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:09:56 GMT
x-content-type-options: nosniff
age: 14768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42776
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:08:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:09:56 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 9B8B 43 B
607 B 94ms
35ms Image
image/gif 141.101.90.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29246774_4307561_357813058_170181290_YP0101A20230119&ref=29246774_4307561_357813058_170181290_YP0101A20230119
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 15:16:04 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 240641
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 15 Feb 2023 15:39:24 GMT
Server: cloudflare
etag: "2b-5f4bee2778300"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 69759873
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7a1a99466fbf3730-FRA
Expires: Fri, 01 Mar 2024 15:16:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 93DA 7 KB
6 KB 61ms
60ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10e22e1afa38249f42b7251100c835c47ce6d7d5c157d544bad744c15e65ff6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5691
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 93DA 47 KB
47 KB 25ms
24ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:15:36 GMT
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:30:36 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 93DA 46 KB
46 KB 35ms
34ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:06:43 GMT
x-content-type-options: nosniff
age: 561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:21:43 GMT

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 93DA 2 KB
2 KB 50ms
50ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:49 GMT
x-content-type-options: nosniff
age: 7335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 13:13:49 GMT

GET
H3 200 60005582_20230118062034019_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 93DA 45 KB
45 KB 70ms
69ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118062034019_728x090_LOOK-01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e02444dc01e938e647416cabcf6f92b6b925af353e2bbdf73a3a68a4c7c39f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 02:04:20 GMT
x-content-type-options: nosniff
age: 47504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46090
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:20:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 02:04:20 GMT

GET
H3 200 60005582_20230118062038193_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 93DA 46 KB
46 KB 72ms
71ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118062038193_728x090_LOOK-02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a4cba4e7b6a312482216dbcd6ea8f79587d6608e4253a4c53e494f92a186a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 02:04:20 GMT
x-content-type-options: nosniff
age: 47504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46680
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:20:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 02:04:20 GMT

GET
H3 200 60005582_20230118062029746_728x090_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 93DA 44 KB
44 KB 70ms
69ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118062029746_728x090_INTRO.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9012289e7d91a60669d75e0fe6e61fe32f5546f1227aa97c64b21737ac2148b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10596822557170597888/728x090.html?e=69&leftOffset=0&topOffset=0&c=xHfoNDK7UF&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 02:04:20 GMT
x-content-type-options: nosniff
age: 47504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45483
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:20:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 02:04:20 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 93DA 43 B
607 B 87ms
34ms Image
image/gif 141.101.90.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29246774_4307561_357836895_170181287_YP0103A20230119&ref=29246774_4307561_357836895_170181287_YP0103A20230119
Requested by: Host: go284.a7bbab.com
URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 15:16:04 GMT
via: 1.1 varnish-live-1-2
CF-Cache-Status: HIT
age: 240641
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 15 Feb 2023 15:39:24 GMT
Server: cloudflare
etag: "2b-5f4bee2778300"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 70731589
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7a1a99466c942ba0-FRA
Expires: Fri, 01 Mar 2024 15:16:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 66ms
65ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f132aaeec950115d8d7caebf24c127c10ecb70404fbf1577e68907b04e714672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11296
x-xss-protection: 0

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 089D 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

POST
H3 204 rum Show response
go284.a7bbab.com/cdn-cgi/ 0
141 B 33ms
18ms XHR
text/plain 104.26.9.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go284.a7bbab.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.9.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://go284.a7bbab.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a1a99463c332c77-FRA

GET
H2 204 /
onetag-sys.com/usync/ Frame 0281 0
0 14ms
9ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1677770163514

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pbcas
ads.yieldmo.com/ Frame 74DB 0
0 36ms
33ms Document
text/plain 54.195.241.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.36.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.241.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-241-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT

GET
H2 200 cookie
cm.adform.net/ 43 B
105 B 126ms
23ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=themediagrid&ssp_user_id=92ba9209-466e-43b0-ad41-e3bfa04f3cbd&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-77i6MP9E2plXx3nijnOa5hsOytiha12KgeRDsg--~A&expires=5&ssp=themediagrid

43 B
145 B

10ms
9ms

Image
image/gif

3.76.151.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-77i6MP9E2plXx3nijnOa5hsOytiha12KgeRDsg--~A&expires=5&ssp=themediagrid
Protocol: H2
Server: 3.76.151.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-151-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Thu, 02 Mar 2023 15:16:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-77i6MP9E2plXx3nijnOa5hsOytiha12KgeRDsg--~A&expires=5&ssp=themediagrid
content-length: 0

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6336467961363789326

0
427 B

23ms
8ms

Image
text/plain

52.57.130.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6336467961363789326
Protocol: H2
Server: 52.57.130.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Date: Thu, 02 Mar 2023 15:16:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.38; 81.95.5.38; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b6e8a596-8242-4a12-a686-a749998130a4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6336467961363789326
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ 0
191 B 113ms
12ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

setuid
a-prebid.vidoomy.com/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=&verify=true
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-VJiJKHVE2uEOn859L6tVNFH8ONM7DuGa_k3sR4M-~A&gdpr=0

0
550 B

10ms
9ms

Image
text/plain

52.57.130.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-VJiJKHVE2uEOn859L6tVNFH8ONM7DuGa_k3sR4M-~A&gdpr=0
Protocol: H2
Server: 52.57.130.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

location: https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-VJiJKHVE2uEOn859L6tVNFH8ONM7DuGa_k3sR4M-~A&gdpr=0
date: Thu, 02 Mar 2023 15:16:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=92ba9209-466e-43b0-ad41-e3bfa04f3cbd&google_hm=OTJiYTkyMDktNDY2ZS00M2IwLWFkNDEtZTNiZmEwNGYzY2Jk
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJXGg60q4Y8WpDm9I5uwxdQ&google_cver=1&ssp=vidoomy&bsw_param=92ba9209-466e-43b0-ad41-e3bfa04f3cbd
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=92ba9209-466e-43b0-ad41-e3bfa04f3cbd

43 B
466 B

19ms
12ms

Image
image/gif

52.57.130.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=92ba9209-466e-43b0-ad41-e3bfa04f3cbd
Protocol: H2
Server: 52.57.130.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-130-211.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=92ba9209-466e-43b0-ad41-e3bfa04f3cbd
date: Thu, 02 Mar 2023 15:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 9B8B 26 KB
26 KB 24ms
21ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=jpMIgSmi24&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:06:15 GMT
x-content-type-options: nosniff
age: 589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:21:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 93DA 17 KB
6 KB 77ms
77ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B8B 17 KB
6 KB 135ms
135ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 131ms
131ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030101.js?cb=31072790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 8552 43 B
352 B 67ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2djba8jk3b8ndvfep28b1fqq7rlpdajb

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8552 0
0 60ms
59ms Image
text/html 23.203.124.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-124-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 cookie
cm.adform.net/ Frame 8552 43 B
106 B 74ms
22ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame DE86 47 KB
47 KB 21ms
20ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:15:36 GMT
x-content-type-options: nosniff
age: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:30:36 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame DE86 46 KB
46 KB 22ms
22ms Font
font/woff2 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:06:43 GMT
x-content-type-options: nosniff
age: 561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:21:43 GMT

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DE86 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:13:49 GMT
x-content-type-options: nosniff
age: 7335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 13:13:49 GMT

GET
H3 200 60005582_20230118060841687_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DE86 40 KB
40 KB 25ms
22ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118060841687_300x250_LOOK-01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18cc6bf18964d1b859721730b411edf0ebcf054ce59fb2e042c10738a5dbee5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:09:54 GMT
x-content-type-options: nosniff
age: 14770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40807
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:08:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:09:54 GMT

GET
H3 200 60005582_20230118060845565_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DE86 40 KB
40 KB 25ms
22ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118060845565_300x250_LOOK-02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0a79c54fe679d2aadeedf12f2724441b22f15f9f1bb17920a888ed43d198ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:09:54 GMT
x-content-type-options: nosniff
age: 14770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41431
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:08:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:09:54 GMT

GET
H3 200 60005582_20230118060837805_300x250_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DE86 42 KB
42 KB 27ms
25ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230118060837805_300x250_INTRO.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea4fa5242ff72645d861a14ec70b6fdf5cd591073e0f709bf97dd168e6dd6946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:09:56 GMT
x-content-type-options: nosniff
age: 14768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42776
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 14:08:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:09:56 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame DE86 43 B
607 B 21ms
19ms Image
image/gif 141.101.90.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29246774_4307561_357813058_170181290_YP0101A20230119&ref=29246774_4307561_357813058_170181290_YP0101A20230119
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 15:16:04 GMT
via: 1.1 varnish-live-2-0
CF-Cache-Status: HIT
age: 240641
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 15 Feb 2023 15:39:24 GMT
Server: cloudflare
etag: "2b-5f4bee2778300"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 69759873
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7a1a994718dd3730-FRA
Expires: Fri, 01 Mar 2024 15:16:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DE86 7 KB
6 KB 52ms
51ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bda60131557eff9ecf603b771e31ce4d176467500d9623a9b9317dd6307199c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5731
x-xss-protection: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame DE86 26 KB
26 KB 20ms
20ms Image
image/png 2a00:1450:400d:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1877853678581317632/300x250.html?e=69&leftOffset=0&topOffset=0&c=fTuCQ0xOfr&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:06:15 GMT
x-content-type-options: nosniff
age: 589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 15:21:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DE86 17 KB
6 KB 92ms
92ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 15:16:04 GMT

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A86 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E72 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2F4 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:11:57 GMT
expires: Fri, 01 Mar 2024 14:11:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 24CE 783 B
535 B 46ms
45ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

769184ce655bc44c0548388697737e81eba39bc19a6c815dd1d3676dcae8f28e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y7uCkkwxjtlGTDAmD2yLBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go284.a7bbab.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-y7uCkkwxjtlGTDAmD2yLBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 15:16:04 GMT
expires: Thu, 02 Mar 2023 15:16:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7929 0
20 B 121ms
121ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIpnOs70AZN3mEIuF9u8PiNSTsAMAAAAAOAHgBAI&bg=!vr2lvenNAAbK-VRH6vk7ADkAdvg8WhFT-rb8n2XE7D_vO2w3TVsh7ayAcnRiNJa6qK8UqvuzotSuct6GsSyDPG6mBlh_dutdpr0CAAABGVIAAAACaAEHmQLx3P7BSJRhVlNAicBswwOjNz7FZ6LytZPnbmVmRn6qTx8cR2LFteREYGfm25R0BUNdLaBqZTqx5Ud87xuuaTFfGvC0fWNcM4wqFwfMpNpaopn5V2Jaai37rfwIt-xviwIDy2tPo7wCrQyzyvlSQOtCmEkcE7vWmROL81tv_LTvZ6NjHKqsKz4oiZRNAreRgEqAh5LvKK9iRf2M6BQV11wO-Oz5IDHeQlFSiyB1UAAm1_JOHAxDvosZfV31J7gb41nL_WiDBzVcqB8J1nUZnRsiyJrl-U34euaM5yIaR9zksbY-z3gRyOTi-mqtU1s4jtik7XnqWfQnh0sxJHoj_pNI9QLj11UnFMtRdVvHNg3xTCW3mtQUczqJmnjrSb582n2IjKPgfbU37J3TydvGrBJ9cW33hI8HzDYi2oZxgcQgpmEjD7MPtrlcn8ZrkoAwkgNwQqDvsLo-iOqQ_Nkhs3c6wczjqwy5GgbYpDdix1SY9NjAN_W9XbGolq3hVu_kiuivySfgJy9OYCkNCqDza3ewqLt54mdfxmoQAEwaSE61F61WSNlUOBYh6Rm8iVhm4ey3Jeknr04v-zLe0aeLUqSUeF4-8Gdu_UfeeIRk7VLTixXqW0NrkDe3EIRyz0NUaG5VFZiWqbdKn6vE7uYZWbxMKo5tNwdkdp_ryyYU8zKhN_QIyY87BIxUZHY-oStU5__XOAGNvUIPxbkaaMs1uFHVLZi0F1lqFn-Ma0ARoQpvWpqvKbDqAzeTUAdO8Szuecbwf2t9wWgNkvbdx4jYiP_7eqWZr9-TkLWGlEQD1ISTbUxqFKc0j9Utk7n0f1zJDSIlhBc__p8KrLIuhfMHPmlIlNRokkQ0OrVvC-WoNBHIDTAOpC1i1HjVSyvG-NvbLiaiUXQLQNR-ozdFvOVwG_xl2H_Q2Cz9yBv8707rapQARlJ7oVMHjGx1Eoli_s0lg3gpc9P4Zoh5c88R3WK-yBw5bGUSMaY4VdGPdJCyNiDxYYgx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2302 0
20 B 114ms
114ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRUEks70AZNHXGYGT7_UP5P-n6AIAAAAAOAHgBAI&bg=!VlWlVQHNAAbK-VRH6vk7ADkAdvg8WiAgUoZVwmteHrmjFsGMTI0eMchwOKfjoX5fL1iMUrnTKF9XouYdLwCl_XNqlst3IhBrB44CAAABFFIAAAACaAEHmQM66Ulaw7LLFLMCfXINdPPYriA0WWHriudlQbRgM77Gb-YWVQgW3P9fvFPXOMU2jYE7kmBr3QGbpR44oXNq2KwiuGMlvCygl70X5IlLEAM01o3Tbn2GMMx8EX8_L9afXY_ZuYrOIpPkNZsgRljBiyfTR30wjzCBcpazHeVw5Ye8Sepg4Jxd19hok4TUo3lkgu80XNUTNG6tfqAyrlkiNvKQSksY1wrQFQskWO0I67Am_VZvaYjK3u3QYm-hybBLfFmR7aF2XFzoC0LG0dPXuPQLxk1tAQW99ChqwgpKePQQ-z5D6oh0CwSih-rOfdzZxMiGYqgrzKL9kNs6UFn8vGKGCn8aIubRq4gil8a2h1VfRuXry9oAabl3HUyTMIYtR6ILtRnjobSYfe7afZk2Fhk6fzXc5js1RKyZubwsDapOhId-d4v63XmMpTB-COYwYW8Nzi0DFGyPQ6v08NVN81GcUNJn-TbFpzs81gZbukOtiWB5iz3GQoT2CY4NArlDHkyam55Z5fuyuFb1kbMOngZOHmnJqentt9ZXfW2Re8L5P-SX9eonrvzTLkTvaaS-88vNSJWTWXpzqQkufCndUSIyzDN8zh3ZcdI8Cd3-n20Flx550G1bjH5_ca-Ie5mcaNZGzRrnPQQUiH0PJA6Lj2x_OeUjryz4NO66SMg2F8PYjHJTaBjzXzAB82HsufkZJdXRVZJzGAlqVj_DvufdUkWgTc95rY3qZDFoF8Z3Crln0Miio223Khbf4SjoUnk_Ie2fepl3KFSbh3uGtmi1WVDUgNU4H85-_JQmG-DHgtW0duVPVvaqHvjAFdlLZ-l7rDUhNFAlJT8UFBumfLEdmz0cf5fo6S30nbJjhVPBFCXylbbfoHWeGc-SMNA7OndnWVLwrjXv4w4QCxrcBvdcoYEbgyDIzTGcpFYhAOGvMXOgejIWwoTNxEhUqEKgnWlwAGcVABkFes24g_uyI_QMWR0VQbU5P5_Ln65p-i644wLVA7oBwavtaf0Ghc0ZTQ1krHVueiw8DlR3T1X8JMJuMjBuPcZFzK93KVVUhR7sfACxwNgOr2eCkjIyeNfzNdileaj4qYVYg-hZ8A6IvA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame 268C 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 089D 0
20 B 118ms
118ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrgjOs70AZIi-GZjUx_APnO6B2AoAAAAAOAHgBAI&bg=!BwSlBFDNAAbK-VRH6vk7ADkAdvg8Wt96-9dc3D1i4HLad7ix0K16ludr7DdSlj4xQx-vnxOCkbZzg6OeAVf9Ty6fSuqdPX4tVjcCAAAA4FIAAAACaAEHmQLpQgvSzugCJWNdjS8x0VKKPU27udF6vROSzaHYc8SzVI1ryZyHhka99X9mzQacYi6dP1fCzJthP6G7wWNIEK71JvE1RZ6ZwKN7Vs0JXfbBFulS2qn7L1_EGlQGQZvap0RgIeJBk855FxAa218VpobKot2--17bCJxRR5NsfAdfSD2ZhgfnPtOpypA8G3aQZXFsc1dUJ_t9z7PkWO4LLeQYMIyuxuTgA8sQ3QRR6f5E-OVxgukrBef2_ZoT09uOpMYOuH7r3k8M-po6FwsfMxPwm1tBYGM6_G2sf_cyxwvHNA8-GD3Qe23K_rxmgngCd44xKicQsMEW4VsO7znnJpJhDEVsjACOtp5cEpogRIPfshIc4pzW91ruhuXproQf0u-1OAqHLcAxKoWT8X63eoD1QB5ZC3i7FZIQlGe8_AXQBwxkZZgOaTczcsXgmP1QzbJtRFzR22DTpK0A70vrMpO0tg602PMVzuippPZs7WJiS8w-Ftv5GKZMsYiATUWjZvVI9NOczcP4yItIf3JuSHWnmL6Z2EoBfPwcqK-PgvR2_xF5F8NTRY55_-Slb16CxBVlzInNJ6cM8os-3SA9evHo4WLqgLAsC6rBZE6yvieQAupwnUC2wvEK8r7fLokWhKddV9LWBTTGNICvo4MZUb2l8QYfvSE5qhtLTWhnMaZzs3lpOHqIG8ZW1hrked256_fhPzrT_S-RUgEi9FIPH3bjzqfg442XEj4c0gALfbbHrJ7xlO6C01iwx3WS2jehctErYtNP4NnfG0QC9vy-19vj3dnd0k8fIXspp_NO-hzONhX3yp1SU-YFwa9dhmttRQkC9Nd3f6IrHmi-dm8YHthuIjrU5-UQJXu7g-WjXOEYN4_7-xh9hm_r_FfANYzquN9dpWEK2mk1g1uQpJx9nBllyi7-JAJwpjAa3mEovaqMKXnVlFUNx1kzDP-qSYKXTgikEc1nTkmNE0kMn3GRoG794HrBLnWYMghqEw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24CE 0
0 79ms
79ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030101&jk=3514755029690599&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js Show response
pagead2.googlesyndication.com/bg/ Frame F2F4 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fgjj0qUz0ViO0D34d8QcF595gn_WjXXxo0LWw9T1mnM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14340
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 11:02:06 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 20ms
20ms Image
text/html 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-QDVJ1GCKH3&cv=1&v=3&t=t&pid=1916553559&rv=32r0&es=1&e=gtm.load&eid=17&u=AgAAAAAAAAAAACCA&h=Ag&tc=12&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A5A 42 B
64 B 116ms
116ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstG8rT9yMNPyLZUJ_U3c-8RbEp16gL_HiSdweYi79oApk1YdD-hwOGM4NS63WldmbvLxv3JRUbtvxwoS-NJMPvosiDRLu9O_PUCzGKHmGMejkT3REhUXK4cuApUu8aFJTFyuckshg&sai=AMfl-YRCNluXL5POsvrUm7pYVn7isJCr9i0QpYL-Y0jP9VTdyYGb4FZT9my-VXTKg314Su3RIWAWcPNcMR1PpHt0g3QMO4V4gTRbP3Nj7jwo1bVFBakd2SvM7XsMigGVNHZfJnRD67IvPalyHzPlRw&sig=Cg0ArKJSzDBB46fhNf3mEAE&cid=CAQSTADUE5ym-KgzhExqttPQQnNEpxdEHra6dZWEnuFjpRCr0EPiITqheqZSO7tA3Y04YKcaxdo1MsxeneXfhJFli2FyPeJJLJa14MW6GCgYAQ&id=lidar2&mcvt=1000&p=18,508,257.5,844&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=1975265503&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677770162945&rpt=749&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F2F4 0
11 B 20ms
19ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ANo1yQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:16:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7CA 0
20 B 110ms
110ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8916044184082&version=m202301230201&ct=76&x=1&cor=5239219827217092000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABA4 0
20 B 110ms
109ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4392531369465&version=m202301230201&ct=76&x=1&cor=11846592105525070000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4437207226744&version=m202301230201&ct=76&x=1&cor=17268013060971102000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030101&jk=3514755029690599&bg=!4eKl4rbNAAbK-VRH6vk7ADkAdvg8WkznNK6NETq30GLlI5YTAukE55KHfkk2uCv8KsH83J7Dq75z6q3bJw9mHx9spErRLE14PHYCAAAATlIAAAADaAEHCgDFPsM5-BiLQVWckSRxiNX3zqj9e2FMVYpEes2vsn9OMQEzS7BPradmO4HMjYO9C829V_ZSHfgSGdK1-yPof5ulGBHNcIhyBIU83nOY2HsOEi-2HPgcVmTipCmOY_MRvokTg1VtpSeKXGfs7meucxC-Ov5gAf5_3AzpMO-w8-Xj9nzxHlfA92uhVouyIIzYEgBqDhafv1tcpbdCjqSYnqYl9ZOuoe32DbghI8GyP8NRObHhZxsN--CD2X3XLJWnGJWEuS2HYUSZApu2P0CR17TFJTEwbX0e0vyt74o5TWle0KZULBkS84ngTnzA3nPXDeO6QWVIAXxtxcFTSwmUcaDqITiG24KO4ZvXAwA6AxEFlunegJ8ytvYJKi3OiDFWAKQYKNoKTiVQ88WW3zjAb8xfyqBrKRU3iB2Qg9V8Xt3_dbbfnIGLzzc4rXNF3xDfrFw7jqpuu3t0egvBhlkUDAHrnsAfldT1YAcvJryTmxoPjHHypYdJUtYMiLTUq16U7K9CJLzJZ0EN7VU340FqvJj2-WGXgs0gOmCyYdMpcaIuJ6uh_Jd5pq30ryiXvIU3Piw4uqpdDg5UzvvAzSDIgeL6gV1gnXejKbwnJ8v-LlxrnLaIypM6aboduZNAYgWJLMBcRnivJe60Jt_swaptGw0Ms2HDB42i8oCATmNU9CmKs27OegndnAkTM8pzlTNJ2ZvCKAJ5RjSP6HoZeRPS-kMFnHjt6sIOsvCy4o47LDjAZWfeeCHVyVrQiG-Rz6yOK1f3X-qPr1wpwg4mew0uRVs0V3toIYOmxlsjf23Eu4uDlxlIlnirDF27Wvud1oJsWCg1vqEFiy4IKtV8TSdrT20y3S44vCarV3C93_dL135uBIX9Uxy0HMpfkCT5IH5Qj6J1Tv7Dhq6lt-CzC-Kd1ulpQOJ2Ih927ghG48dG9TIYKgm01IPAE1G34yxZCvt_cyg09PskCN5BsGy_eDNfE7a9sRF1HiA6_HdEYs4BCNXKkkhKavAi-SQ_LGyZvumxThOq4PBHrtoOvkLhE01MNEnW6PCzpSBsCKO2YUBt-9igImRjZNWlHeI4MxE_kwSWTNisXtCWxAlMInp3f95ZjJxY4CXIlgrnS87SSuhvitYhEtZi2CKlOS9mDX5px_mE352rS4F3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go284.a7bbab.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 cookiesyncendpoint Show response
sync.aniview.com/ Frame 8552 0
234 B 101ms
100ms Document
text/plain 3.212.83.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1677770162771-994587376777-001192-004-009061&biddername=133&pid=59c9148628a0612da3689288&key=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1677770162771-994587376777-001192-004-009061%26biddername%3D133%26pid%3D59c9148628a0612da3689288%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.83.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-83-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 02 Mar 2023 15:16:06 GMT

POST
H2 200 ctrack
track1.avplayer.com/ 0
94 B 352ms
91ms Ping
text/plain 3.229.1.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.avplayer.com/ctrack?pt=2&d66=8.2.12&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&pid=63e26ea450153dfa9007b615&cid=63e45f60d4c09df37c051e35&r=go284.a7bbab.com&sn=&cd1=&cd2=&cd3=&app=&test=&cb=1677770162167
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.1.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-1-150.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 15:16:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track
track1.aniview.com/ Frame CDCB 0
93 B 96ms
95ms Ping
text/plain 184.73.109.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=go284.a7bbab.com&rs=go284.a7bbab.com&sid=51286&t=1677770162&cip=81.95.5.38&sn=&tgt=0&osv=10&bv=110.0&brn=Chrome&wi=882&he=496&app=&AV_PUBLISHERID=63e26ea450153dfa9007b615&test=&d64=33e72196f994ad0f1c29c4edd5e657ee&d63=33e72196f994ad0f1c29c4edd5e657ee&aafaid=&proto=https&uid=1677770162771-994587376777-001192-004-009061&cha=0.7&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&d35=&d36=6.2.86&cb=76650822669&d39=&d65=&d66=8.2.12&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=0&prbdsup=whiteOps&d16=2&d37=realtime&pt=2&d66=8.2.12&stagid=63f8907a8aae96ca860d32b6&stplid=63f88bf7671544492b05ff99&cvid=&cpid=&str=external&AV_WIDTH=882&AV_HEIGHT=496
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=63e26ea450153dfa9007b615
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.109.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-109-176.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 15:16:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QDVJ1GCKH3&gtm=45je32r0&_p=170485274&cid=1969437710.1677770162&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1677770161&sct=1&seg=0&dl=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&dt=%D9%82%D9%85%20%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1%20%D8%A7%D8%AD%D8%AF%20%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84%20%D9%88%D9%86%D8%AD%D9%86%20%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83%20%D8%A8%D8%B7%D8%A8%D9%8A%D8%B9%D8%A9%20%D8%B4%D8%AE%D8%B5%D9%8A%D8%AA%D9%83&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QDVJ1GCKH3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go284.a7bbab.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 15:16:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go284.a7bbab.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go284.a7bbab.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8bd5c90908cd07bf890abb23a2dccc2c
.a7bbab.com/	1970-01-20 19:38:50	Name: _ga Value: GA1.1.1969437710.1677770162
.a7bbab.com/	1970-01-20 19:38:50	Name: _ga_K3MK2YLRZB Value: GS1.1.1677770161.1.0.1677770161.0.0.0
.a7bbab.com/	1970-01-20 10:02:50	Name: lotame_domain_check Value: a7bbab.com
.doubleclick.net/	1970-01-20 19:24:26	Name: IDE Value: AHWqTUnXfbQliijHKwzYSEqML7ai3p3IoSVHv32y5WIZGJ2TR1p-sAev0C7vU5aoEj8
.criteo.com/	1970-01-20 19:24:26	Name: uid Value: 22c330f1-5b1a-40fe-a9ad-330e3dd894be
.matched.se/	1970-01-20 10:31:38	Name: aniC Value:
.openx.net/	1970-01-20 18:48:26	Name: i Value: 523a3336-1d47-4cce-bd7d-c2965f79477a\|1677770162
.csync.loopme.me/	1970-01-20 12:15:18	Name: viewer_token Value: 0d8fb9a4-5bf4-4328-b09d-6405bf64d63e
.ads.stickyadstv.com/	1970-01-20 10:46:02	Name: UID Value: cb4fe078891bf26e5cfe8f0575cc94e
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 1953
.admanmedia.com/	1970-01-20 10:22:59	Name: admtr Value: 29cac34d-f275-4853-8353-05cc39d99661
.admanmedia.com/	1970-01-20 10:22:59	Name: ac_r Value: CS125
.casalemedia.com/	1970-01-20 12:12:26	Name: CMPS Value: 5159
.casalemedia.com/	1970-01-20 12:12:26	Name: CMPRO Value: 5159
.adnxs.com/	1970-01-20 12:12:26	Name: uuid2 Value: 6336467961363789326
.casalemedia.com/	1970-01-20 18:48:26	Name: CMID Value: ZAC9s68NJNXeEjFsaQooEgAA
.doubleclick.net/	1970-01-20 10:02:51	Name: test_cookie Value: CheckForPermission
.a7bbab.com/	1970-01-20 19:24:26	Name: __gads Value: ID=14a46a99831069d9:T=1677770162:S=ALNI_MYvl0UUmVYrCQDOFRBlh5v6icnYMQ
.a7bbab.com/	1970-01-20 19:24:26	Name: __gpi Value: UID=00000bbda12efd45:T=1677770162:RT=1677770162:S=ALNI_MYggrhu1zVJbc7BV8585A6AvoRhMw
.a7bbab.com/	1970-01-20 19:24:26	Name: cto_bundle Value: IF2kSF9Jem5XQzliSTRHSyUyRkx1c2hJJTJGWjVXUVNPUWswN0dUQVVnMFRYRFA3bEd3TWlwT1pEZnBhdTdTb0Z5UFE1ZDFlc1BtN2ZtR3UwY1pON0tmV080bnpSMmolMkZxaSUyRjVEOHlFcFFCV1RKaVpQdXVXdlhYUXN1cEtobmVYTjJwN3F5UzJDcllYMVN3aXJiWkhlUjBEeUs1NWphdyUzRCUzRA
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 6eb8ec279cbf4055
.a7bbab.com/	1970-01-20 19:38:50	Name: _ga_QDVJ1GCKH3 Value: GS1.1.1677770161.1.0.1677770163.58.0.0
.adnxs.com/	1970-01-20 12:12:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In>BS+?5!@wnfH8K6pQK`!5=E<L5?%LhYw$+fAps'b?nj6e'fN96WTe8?MO.gZCPhO%nugO%v4VB%notl*IRTZ
.aniview.com/	1970-01-20 10:17:14	Name: 1_C_9 Value: cb4fe078891bf26e5cfe8f0575cc94e
sync.aniview.com/	1970-01-20 10:17:14	Name: 1_C_9 Value: cb4fe078891bf26e5cfe8f0575cc94e
.aniview.com/	1970-01-20 10:17:14	Name: 1_C_57 Value: 29cac34d-f275-4853-8353-05cc39d99661
sync.aniview.com/	1970-01-20 10:17:14	Name: 1_C_57 Value: 29cac34d-f275-4853-8353-05cc39d99661
.aniview.com/	1970-01-20 10:17:14	Name: 1_C_56 Value: 0d8fb9a4-5bf4-4328-b09d-6405bf64d63e
sync.aniview.com/	1970-01-20 10:17:14	Name: 1_C_56 Value: 0d8fb9a4-5bf4-4328-b09d-6405bf64d63e
.disqus.com/	1970-01-20 18:48:26	Name: zeta-ssp-user-id Value: ua-bd80717b-df6f-3255-bb19-50e796cb5837
.aniview.com/	1970-01-20 10:17:14	Name: 1_C_10 Value: RpO7TzNJYnCL
sync.aniview.com/	1970-01-20 10:17:14	Name: 1_C_10 Value: RpO7TzNJYnCL
.aniview.com/	1970-01-20 10:17:14	Name: 1_C_52 Value: ua-bd80717b-df6f-3255-bb19-50e796cb5837
sync.aniview.com/	1970-01-20 10:17:14	Name: 1_C_52 Value: ua-bd80717b-df6f-3255-bb19-50e796cb5837
.doubleclick.net/	1970-01-20 10:02:53	Name: DSID Value: NO_DATA
.yahoo.com/	1970-01-20 18:48:47	Name: A3 Value: d=AQABBLS9AGQCEJg66lWk1y6QnUibybYNowEFEgEBAQEPAmQKZAAAAAAA_eMAAA&S=AQAAArCz-AY9nGF0555LB8tq4DU
.bidswitch.net/	1970-01-20 18:48:26	Name: c Value: 1677770164
.bidswitch.net/	1970-01-20 18:48:26	Name: tuuid_lu Value: 1677770164
.bidswitch.net/	1970-01-20 18:48:26	Name: tuuid Value: 92ba9209-466e-43b0-ad41-e3bfa04f3cbd
.analytics.yahoo.com/	1970-01-20 18:48:26	Name: IDSYNC Value: 195v~2aaf
a-prebid.vidoomy.com/	1970-01-20 12:12:26	Name: SSCookie Value: 1
.vidoomy.com/	1970-01-20 12:12:26	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2MzM2NDY3OTYxMzYzNzg5MzI2IiwiZXhwaXJlcyI6IjIwMjMtMDMtMTZUMTU6MTY6MDQuMzI3OTQzNTY5WiJ9LCJ2ZXJpem9ubWVkaWEiOnsidWlkIjoieS1WSmlKS0hWRTJ1RU9uODU5TDZ0Vk5GSDhPTk03RHVHYV9rM3NSNE0tfkEiLCJleHBpcmVzIjoiMjAyMy0wMy0xNlQxNToxNjowNC4zMzk0NjMzMzhaIn19LCJiZGF5IjoiMjAyMy0wMy0wMlQxNToxNjowNC4zMjc5NDEwMVoifQ==
.vidoomy.com/	1970-01-20 18:48:26	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjkyYmE5MjA5LTQ2NmUtNDNiMC1hZDQxLWUzYmZhMDRmM2NiZCIsImV4cGlyZXMiOjE2ODAzNjIxNjR9fX0=
.aniview.com/	1970-01-20 10:17:14	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
sync.aniview.com/	1970-01-20 10:17:14	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://go284.a7bbab.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/ Message: Access to fetch at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://go284.a7bbab.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://go284.a7bbab.com/15198/2021/%D9%82%D9%85-%D8%A8%D8%A7%D8%AE%D8%AA%D9%8A%D8%A7%D8%B1-%D8%A7%D8%AD%D8%AF-%D8%A7%D9%84%D8%A7%D8%B4%D9%83%D8%A7%D9%84-%D9%88%D9%86%D8%AD%D9%86-%D8%B3%D9%86%D8%AE%D8%A8%D8%B1%D9%83-%D8%A8%D8%B7%D8%A8/ Message: Access to fetch at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://go284.a7bbab.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fgo284.a7bbab.com%2F15198%2F2021%2F%25D9%2582%25D9%2585-%25D8%25A8%25D8%25A7%25D8%25AE%25D8%25AA%25D9%258A%25D8%25A7%25D8%25B1-%25D8%25A7%25D8%25AD%25D8%25AF-%25D8%25A7%25D9%2584%25D8%25A7%25D8%25B4%25D9%2583%25D8%25A7%25D9%2584-%25D9%2588%25D9%2586%25D8%25AD%25D9%2586-%25D8%25B3%25D9%2586%25D8%25AE%25D8%25A8%25D8%25B1%25D9%2583-%25D8%25A8%25D8%25B7%25D8%25A8%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.vidoomy.com
ad.doubleclick.net
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
bcp.crwdcntrl.net
bh.contextweb.com
c2shb.pubgw.yahoo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
csync.loopme.me
d.vidoomy.com
dsum-sec.casalemedia.com
e0173c5447065d2e993a6e477ada08ad.safeframe.googlesyndication.com
esp.rtbhouse.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go284.a7bbab.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
maxcdn.bootstrapcdn.com
mts0.google.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
play.aniview.com
player.aniview.com
player.avplayer.com
portal.o2online.de
pr-bh.ybp.yahoo.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.matched.se
ssp.disqus.com
static.cloudflareinsights.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync.aniview.com
sync.teads.tv
tags.crwdcntrl.net
tg1.matched.se
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
track1.avplayer.com
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
vpaid.vidoomy.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googleads.g.doubleclick.net
104.26.9.207
104.96.145.246
108.128.57.95
13.225.78.47
141.101.90.96
142.250.180.230
142.251.39.2
142.251.39.66
162.19.138.118
178.250.0.157
184.73.109.176
185.64.189.115
185.80.39.216
185.89.211.12
198.148.27.139
2.16.107.130
2001:4860:4802:34::36
209.191.163.208
23.203.124.192
23.203.125.36
23.37.42.132
2600:9000:21f3:e00:a:e047:752:b361
2606:4700:10::ac43:266a
2606:4700::6810:3965
2606:4700::6810:5814
2606:4700::6812:acf
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:831::2002
2a00:1450:400d:802::2002
2a00:1450:400d:802::200e
2a00:1450:400d:803::2002
2a00:1450:400d:805::2003
2a00:1450:400d:806::2006
2a00:1450:400d:807::2002
2a00:1450:400d:808::2003
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2001
2a00:1450:400d:80c::2001
2a00:1450:400d:80d::200a
2a00:1450:4025:401::9d
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:f700:4::212:4f10
2a02:6ea0:f400::4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:64d1:cba1:647b:b2f6
3.123.121.27
3.212.83.154
3.229.1.150
3.75.62.37
3.76.151.8
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
35.169.19.18
35.174.127.249
35.190.39.111
35.214.223.115
35.227.252.103
37.157.4.25
51.89.9.254
52.28.203.152
52.57.130.211
54.195.241.242
69.16.175.42
69.173.144.139
80.77.87.161
98.98.134.242
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03cea4033e3c7cd780b657462849242110bf27386e8489048ebaac382ae902b0
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
05d33bce3fc1753bcb9f94f51a7536cb621411492720236a663a7d28e2731359
067292308636933e3de8c39c88c0336d722cc32e94004070d09454ceac143456
07219384ca652e6d557049ba50ead0dbcd840a698eca2a9325df17dcf4f5d1b1
07393901245a0fbcf9297666302c66dfee491f2d3ed0048036a22f819e534631
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a4cba4e7b6a312482216dbcd6ea8f79587d6608e4253a4c53e494f92a186a82
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7a9b44a78de7f5be63d680eedca0825f0e3c3ff85df5b1f634fa98ae5099cf
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fac8a860f385a189ff78ee544b8a324078af750f3f04e661c13f56adb67d717
10e22e1afa38249f42b7251100c835c47ce6d7d5c157d544bad744c15e65ff6d
110d577ecab203864e7983c3e26ded8f1f9fcd0b1578b477e5114540cfded2f3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18cc6bf18964d1b859721730b411edf0ebcf054ce59fb2e042c10738a5dbee5d
19aed7d310d8bf5f137d0273df387b2d5b023e7c8eda1d30c1f7a8459d5a3bb9
1a7a109eea31a7b04e420c8e2cf2d768dc78f54aa8822bcf794af7698baaa5e4
1c0830e96dc0c59c5db68e1a263182f1bb76341463a3a6d86e6d4dbe45e88b99
1c1fe157530c133fc49ee2c2ec7cb771cac6269c17f367ace97f72c13cde23a7
1c6b077eaedd51e73b0d8d6728f47261efe4a904a77a4fe4e1fb4be24cecfaff
201eb83e4a865a0382ac4bc772fc2d639d38b7caccde1c7faeddd13016c9032a
22f20404f5540d5653427833906168f5970980956c01c5229cfcb7da13563a83
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
251337fa75cca6a1255cc986b528a0c7466bbf4aca78c976e6a0d4617e3129a1
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25ed1208b6ebb48b07c344cb221f1751f4e7fdffe578c7eafd466a16fe3d1e5a
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2f5631a16fb5cf5ce83dc42b510686c7d0eaab3d85edcc0696ebe99e4442ec79
2f97083d4b4b5c966a9bd474f5127a6451504c730ff8458f9789180f452b79d4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672
395f81b6cb7cc8c12c8af2f3208122cda676fee76e47639b63c11337c7053e42
3c98ecf738082d7577ad4379813dbcbf0dbafe86aae325190da99df2ca551b39
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407105bb114565e9fe044471b72463acae496e9eaf83f8048c864cb08681f369
416d2349f28515c7cb5870cbe2d68ca856da606d52015ab39612fc342ba29984
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
446b75df3aa450dc67047c4ae08d0ba75cd173ee74cf644281c31ecd61c92b7c
44f119318f69a75f9b029addaf5394ceda2c3bfd1cad87c4d9d67dfb4c11c6e8
45a5acdd3d807932c4fbf455664f47b3ab1a2a053adc3a4b18758c3c0598f1e0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10
48dc5d19c8edc57a9b695330ee5f454f5d634772606a125e8b4dfdf65bc54d0d
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505c2eec4c120c0be7fb3dbc39e7c69e193a00653e4ced739b0e20fcdf97dce4
507b637b1c4d256d43f0fa5114c1041d439a89e297853e91c95fbb2964bd6543
52ba4c957efc7bae5e3dfe207919ee4c68e8910827a8b20be72eba23c81215f2
52ce3ebd7c6db288df837d1fe757e355dcfdde1fdd95c3a8c21195cedc2da8a1
532512871aa0028362de282a8720606f711b4cfdecaf8d11b18f136fff916232
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f26ec6e81079d30443381e0ea9e448f3bfa29a96577d3cbbaad4c476819c44
5a0093df26b73c46a3dcb4faa9d4601fbd0dc02daf3944b55d80e26453459665
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5adc9495bd2e6ec4bfc7f7d6f10a79bf408e3b3b0e3681d3f4532b63fea4b27a
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7cd179b3f25988d200b60fd7361a5f9276b54f1afafe36b3a90db00c3e5ef7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
663603ccfb1862545993868a828a95919ecb9904fb214e360756f145852bd121
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68d69a1a9f5825280540240a9238ff9fe2ae5ffb52fce171ca9e1d48056bc258
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6a4164f5ac9e3d246b08b0f0f24a22ec4e211bcc73a5205ee5ca1cd38cb287c6
6ac4e422494724d1feae6fe3201e2938d17ab3c57e8e89a12de05184cf922dd2
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
733aaa413a7424ac029dddb5539186cdce36af645e4abe38307b684cab58df56
76185f87102913aa38601ec9a9062f1dd3803469b20cdddebbd57a94d4751f89
76895c2535f20793e62edbe2e680a57b406233e185f685502f0e5677b0865196
769184ce655bc44c0548388697737e81eba39bc19a6c815dd1d3676dcae8f28e
7892ce0febcfebefc28d8866a6f73a22d60fb844560cd6068122bfbf76180b6f
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c
7a143d983d1fb2a154aa65a2aa5c7427156be61812d4b9e7fc3ca4257516b6c1
7a94982bfbea625b64cc7f4227341ed8547b2d79739b42d8cbf999ccc18090e6
7e08e3d2a533d1588ed03df877c41c179f79827fd68d75f1a342d6c3d4f59a73
829526c84b30ce1c9f8107717f3f429dd209d4642cd828742617e9c01ff3c2a6
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8851ab93571578cbb84112300501027a27ad2370f096757faf9dadada3824f82
8c23abc5f2651598b06f66e534f5416af39a352261cf91ecb77d231f6776ebbc
8cedbc8dad336a37838ccda9b0b3424740198deac08c24095f5a57b0dcf3389f
8d1d3bee4d06141f915a7781b51d7dea9b69091b10cc5a988cfb6f3168fcb5ae
8d3966c2e1d2a7c0de5769081e43965900eba0e8ddf878ebec64c286c583e974
8f42a17e29b3236e6fae24606eb104415b27f9a89c0991f0d1caafe3a8570d29
8fb600b02fc75812932069a9f79b2132dffbca1cd735dd8f8613d0f2850046d2
9012289e7d91a60669d75e0fe6e61fe32f5546f1227aa97c64b21737ac2148b6
9102a91eb0c2dfe2c34333759eca9941a86e322ce0ea346c797a9a1d6ab915cc
916ec9d93e85ad5125306e2c1e6b229b87215ba762657e8956d6e7490c83c626
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
992ed1960b910c9da9833ed73f9c60d5dd455e082523e842c21b5acee9f940dc
9a401c66fb3b65c020914fdf807f6339a6da088d69b64105bdcae417a2da86b5
9bda60131557eff9ecf603b771e31ce4d176467500d9623a9b9317dd6307199c
9d6a799f49cfca0b6164fb8b20184ead7aa1de665e4ea47b5fbab6641a6edb3b
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a235966af85126b18032b951833e3fc66e93bbbbae63715c2afbfa8c7695f7c6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6262425fa81b28fd982c3465b4b672fa09928d2e1ac4e14a69d2e55ad5987ce
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8c14c071821a31067f72a22ee8e5cd8a03d04e365b5503a2dcb22649240957d
aa4cd9dac16ad94b862d962019bac6573a822079f1b7d27f575ef46d74e24fd0
ae18c3f1e21a306f5984175cf767c825de60b2b5507943d3775b9b8c4ad345c6
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
ae9c69b423b6a43cc1cfb819f47e3d6adf3596cd05fc6a1e92ee5fb1dfd0c6f3
afa0752ec7e148a4ffbb91f27fdd1b3d6b84dabee81ab53d5d618ec537aaac0e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b408589096b572b23c0110b210c87fb259f1dc0111b57080095869f46b9e0cd5
b53cd940a678b501c50ec40a9affc7b72f7448c45d5af5ede7dd1b91c66e76dc
b60e744f89858f8fb0c5d7d6d1a48a781df091b2ba6927d69dfd9f6cdc8bd2c1
b6bc7b295106eb1236e9ec8ea5d07b612aa63bc4b955cc78804405c4de09fb8f
b9cd1fd6cf481889c0e3fb9ad468cc19081e3449d04800b24b7c96df4f60e7dc
baeaf196a0998e9a4240f1b3d2f3194c333c6ea59bfdbff3e0345b20c7475cc9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be4984e8c822cfa3da6fb01ff335b74f83cb58073ccc3cfd5f1ffc2c567cbfe7
bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4f3d937d331122c0deebf5e0e2055767c5d6c0ee80aa0bd80ed5ba62b7b4035
c79310e077420df2623a0810adafbe7d7379ee885a763dac420426007a656100
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cb2153f1a19a7c3d70f486b107ef64a0e71074948d61bc96743b4e72abf1e586
cc495986f8b1ef9c657cba9e0ca59551080838d525ad9a3bb949164dab681d72
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce45160ef54e0ee7498cc26992e1ea6c1d7c2074f4402ade41a43eb2dd722f10
ce8d6abff7d3f181068a04baf174252a2c4d32a7b8eebbae4892eb7dd01324c1
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d69440f62c2f0fa5dab70a4e5201a78f51b4a2cdb7ea6ba62d56152bcc19150c
de869187a4d605b599f75528a5d05a278c5e86faf8ba4c2ec7b20d1424716f4d
e02444dc01e938e647416cabcf6f92b6b925af353e2bbdf73a3a68a4c7c39f7a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ebaa16dd9d9b9fc107c42183fb6cf9d22927e1af03dbbdfa0ccc38e4e4ac31
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e887efbae0fa9ce41e453d374d1e46106177f09ebf7de1dea1a9cfd68ea6ebe8
e985758e19d006b05e3bcafe6ff0e596daecbb29739468ef972bdd7fc0934e9c
ea4fa5242ff72645d861a14ec70b6fdf5cd591073e0f709bf97dd168e6dd6946
ec209c15cc2057e721a41857e99f656625bf5bc7b4304347d6849ebb06301dad
ed797e100b98d5f7afc10934541e7b03fb7fbe19dff348f76fb02503c8d9fba5
ef0a79c54fe679d2aadeedf12f2724441b22f15f9f1bb17920a888ed43d198ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3720b6697c8cb50d15f89d5d7cec56be566ab984e3e97b5acebdb00c93105c
f0bd06ae011d164b3194e649cd244b77dd131564ad65acab42d4dd318a1e9fa4
f132aaeec950115d8d7caebf24c127c10ecb70404fbf1577e68907b04e714672
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f756544bd7dc1b1638110909d68b953e541b907ab09a2da9a4b8aa5926e2acb8

go284.a7bbab.com Open in urlscan Pro 104.26.9.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

360 Requests

95 %HTTPS

42 %IPv6

48 Domains

82 Subdomains

69 IPs

10 Countries

5495 kBTransfer

12887 kBSize

46 Cookies

4 Outgoing links

Redirected requests

360 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

go284.a7bbab.com Open in urlscan Pro
104.26.9.207 Public Scan

Screenshot
Live screenshot

Full Image

360
Requests

95 %
HTTPS

42 %
IPv6

48
Domains

82
Subdomains

69
IPs

10
Countries

5495 kB
Transfer

12887 kB
Size

46
Cookies

360 HTTP transactions
17 data transactions