aidheps24.space Open in urlscan Pro
2606:4700:3033::6815:a27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aidheps24.space/
Submission: On July 14 via api (July 14th 2023, 12:13:31 pm UTC) from US — Scanned from DE

Summary HTTP 343 Redirects Links 78 Behaviour Indicators

Summary

This website contacted 53 IPs in 12 countries across 40 domains to perform 343 HTTP transactions. The main IP is 2606:4700:3033::6815:a27, located in United States and belongs to CLOUDFLARENET, US. The main domain is aidheps24.space.
TLS certificate: Issued by GTS CA 1P5 on July 14th 2023. Valid for: 3 months.

This is the only time aidheps24.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:a27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	2606:4700:20:... 2606:4700:20::681a:e0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	2606:4700::68... 2606:4700::6811:6b29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	142.93.164.216 142.93.164.216	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	51.83.200.186 51.83.200.186	16276 (OVH) (OVH)
7	23.227.138.196 23.227.138.196	55081 (24SHELLS) (24SHELLS)
14	107.151.2.114 107.151.2.114	55081 (24SHELLS) (24SHELLS)
1	217.16.18.206 217.16.18.206	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.34.68 13.225.34.68	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:512... 2a0c:5c81:5120::2	55081 (24SHELLS) (24SHELLS)
1 2	54.154.249.114 54.154.249.114	16509 (AMAZON-02) (AMAZON-02)
1	194.247.175.23 194.247.175.23	196831 (BEMOBILE-AS) (BEMOBILE-AS)
5	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	95.216.24.148 95.216.24.148	24940 (HETZNER-AS) (HETZNER-AS)
6	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	2a0c:5c81:511... 2a0c:5c81:5119::2	55081 (24SHELLS) (24SHELLS)
1	18.164.52.95 18.164.52.95	16509 (AMAZON-02) (AMAZON-02)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
4 9	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
4	185.83.69.58 185.83.69.58	55081 (24SHELLS) (24SHELLS)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:21:... 2606:4700:21::681b:c358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	18.66.138.185 18.66.138.185	16509 (AMAZON-02) (AMAZON-02)
3	194.247.175.19 194.247.175.19	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	67.220.182.50 67.220.182.50	55081 (24SHELLS) (24SHELLS)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
4 4	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.239.172.77 185.239.172.77	55081 (24SHELLS) (24SHELLS)
3	2.19.244.232 2.19.244.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
1 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
5	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 2	52.95.118.179 52.95.118.179	16509 (AMAZON-02) (AMAZON-02)
3 3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	52.31.235.128 52.31.235.128	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3601:f3c5:b81c:48d6:4797	16509 (AMAZON-02) (AMAZON-02)
71	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
343	53

1 2606:4700:3033::6815:a27 (United States)

ASN13335 (CLOUDFLARENET, US)

aidheps24.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2606:4700:20::681a:e0d (United States)

ASN13335 (CLOUDFLARENET, US)

novy.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.bidmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.bidmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.unocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:6b29 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocounter.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.vertamedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.164.216 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.200.186 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-51-83-200.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.227.138.196 (Piscataway, United States)

ASN55081 (24SHELLS, US)

static-cdn.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bootstrap.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 107.151.2.114 (Piscataway, United States)

ASN55081 (24SHELLS, US)

aux-log.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aux-log2-sh.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.16.18.206 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.34.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-34-68.cdg3.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5120::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

d.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.249.114 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-249-114.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

juke.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vplayer.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.24.148 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0c:5c81:5119::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads6.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-95.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.83.69.58 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::681b:c358 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.182.50 (Piscataway, United States)

ASN55081 (24SHELLS, US)

aux-log.bidmatic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.53 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.239.172.77 (United Kingdom)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.244.232 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-232.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.197.123 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.118.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.235.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-235-128.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:f3c5:b81c:48d6:4797 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	585 KB
66	novy.tv novy.tv — Cisco Umbrella Rank: 818136	580 KB
41	adtelligent.com static-cdn.adtelligent.com bootstrap.adtelligent.com aux-log.adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 7135 d.adtelligent.com — Cisco Umbrella Rank: 339289 s.adtelligent.com — Cisco Umbrella Rank: 6650 static.adtelligent.com — Cisco Umbrella Rank: 493176 ghb.adtelligent.com — Cisco Umbrella Rank: 6002 pixel.adtelligent.com ads6.adtelligent.com aux-log2-sh.adtelligent.com — Cisco Umbrella Rank: 126923 sync.adtelligent.com — Cisco Umbrella Rank: 5651	276 KB
35	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	331 KB
15	google.com 4 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2556 www.google.com — Cisco Umbrella Rank: 10	2 KB
13	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025	66 KB
11	idealmedia.io jsc.idealmedia.io — Cisco Umbrella Rank: 64982 c.idealmedia.io — Cisco Umbrella Rank: 56725 servicer.idealmedia.io — Cisco Umbrella Rank: 63507 s-img.idealmedia.io — Cisco Umbrella Rank: 58560 autocounter.idealmedia.io — Cisco Umbrella Rank: 68091 cm.idealmedia.io — Cisco Umbrella Rank: 8066	187 KB
10	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 553 image6.pubmatic.com — Cisco Umbrella Rank: 812 image2.pubmatic.com — Cisco Umbrella Rank: 1036 simage2.pubmatic.com — Cisco Umbrella Rank: 797	88 KB
7	google.de www.google.de — Cisco Umbrella Rank: 4752	918 B
6	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 399063 juke.mmi.bemobile.ua — Cisco Umbrella Rank: 698231 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 352805 vplayer.mmi.bemobile.ua — Cisco Umbrella Rank: 493361	21 KB
6	bidmatic.io player.bidmatic.io — Cisco Umbrella Rank: 97357 files.bidmatic.io — Cisco Umbrella Rank: 900722 aux-log.bidmatic.io — Cisco Umbrella Rank: 891345	47 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	281 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 56503 ls.hit.gemius.pl — Cisco Umbrella Rank: 13098	22 KB
5	piano.io api-esp-eu.piano.io — Cisco Umbrella Rank: 77240	16 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	321 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 25056 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22775	898 B
3	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 169609	4 KB
3	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 13020	7 KB
3	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 19152 tt.onthe.io — Cisco Umbrella Rank: 13808	18 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 633	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	562 B
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 6330	1 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 753 script.hotjar.com — Cisco Umbrella Rank: 1081	72 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 50288	2 KB
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	426 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	265 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 981	612 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 955	265 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 977	793 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9637	258 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 857
1	unocdn.com files.unocdn.com — Cisco Umbrella Rank: 863418
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2696	257 B
1	adriver.ru content.adriver.ru — Cisco Umbrella Rank: 31355	5 KB
1	vertamedia.com player.vertamedia.com	58 KB
1	aidheps24.space aidheps24.space	48 KB
0	audrte.com Failed a.audrte.com Failed
343	40

	Domain	Requested by
71	tpc.googlesyndication.com	securepubads.g.doubleclick.net aidheps24.space bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com tpc.googlesyndication.com
66	novy.tv	aidheps24.space novy.tv
17	securepubads.g.doubleclick.net	aidheps24.space securepubads.g.doubleclick.net www.googletagservices.com
9	aux-log2-sh.adtelligent.com	static.adtelligent.com aidheps24.space
9	www.google.com	4 redirects aidheps24.space tpc.googlesyndication.com
8	googleads.g.doubleclick.net	bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
8	aax.amazon-adsystem.com	c.amazon-adsystem.com
7	pagead2.googlesyndication.com	tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
7	www.google.de	aidheps24.space
7	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
6	region1.analytics.google.com	www.googletagmanager.com
5	www.googletagservices.com	securepubads.g.doubleclick.net bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
5	bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	s.adtelligent.com	player.vertamedia.com static.adtelligent.com player.bidmatic.io
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	aux-log.adtelligent.com	aidheps24.space
5	api-esp-eu.piano.io	aidheps24.space novy.tv
4	s-img.idealmedia.io	aidheps24.space
4	image2.pubmatic.com	ads.pubmatic.com
4	sync.adtelligent.com	s.adtelligent.com aidheps24.space ads.pubmatic.com
4	ib.adnxs.com	4 redirects
4	pixel.adtelligent.com	aidheps24.space static.adtelligent.com
4	ghb.adtelligent.com	player.adtelligent.com
4	gaua.hit.gemius.pl	1 redirects aidheps24.space gaua.hit.gemius.pl
4	www.googletagmanager.com	aidheps24.space www.googletagmanager.com www.google-analytics.com
3	cm.g.doubleclick.net	3 redirects
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	ads.pubmatic.com	s.adtelligent.com ads.pubmatic.com jsc.idealmedia.io
3	pa.tns-ua.com	source.mmi.bemobile.ua pa.tns-ua.com aidheps24.space
3	cdn.plyr.io	player.bidmatic.io aidheps24.space
3	c.amazon-adsystem.com	player.adtelligent.com c.amazon-adsystem.com
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
3	player.bidmatic.io	aidheps24.space player.bidmatic.io
2	cm.idealmedia.io	jsc.idealmedia.io
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	aux-log.bidmatic.io	player.bidmatic.io
2	static.adtelligent.com	player.vertamedia.com player.bidmatic.io
2	tt.onthe.io	cdn.onthe.io
2	segment.prod.bidr.io	1 redirects aidheps24.space
2	bootstrap.adtelligent.com	aidheps24.space
2	player.adtcdn.com	aidheps24.space
2	jsc.idealmedia.io	aidheps24.space jsc.idealmedia.io
1	autocounter.idealmedia.io	aidheps24.space
1	vplayer.mmi.bemobile.ua	source.mmi.bemobile.ua
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	match.adsrvr.org	ads.pubmatic.com
1	simage2.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	servicer.idealmedia.io	jsc.idealmedia.io
1	c.idealmedia.io	aidheps24.space
1	a4p.adpartner.pro	1 redirects
1	onetag-sys.com	s.adtelligent.com
1	ads6.adtelligent.com	static.adtelligent.com
1	files.unocdn.com	aidheps24.space
1	vc.hotjar.io	script.hotjar.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	script.hotjar.com	static.hotjar.com
1	files.bidmatic.io	player.bidmatic.io
1	juke.mmi.bemobile.ua	aidheps24.space
1	source.mmi.bemobile.ua	aidheps24.space
1	d.adtelligent.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	content.adriver.ru	novy.tv
1	static-cdn.adtelligent.com	player.vertamedia.com
1	cdn.onthe.io	aidheps24.space
1	player.vertamedia.com	aidheps24.space
1	aidheps24.space
0	a.audrte.com Failed	ads.pubmatic.com
343	76

This site contains links to these domains. Also see Links.

Domain
novy.tv
teleportal.ua
www.facebook.com
www.instagram.com
www.youtube.com
t.me
www.tiktok.com
vb.me
www.slm.ua
ictv.ua
www.stb.ua
vikna.tv
fakty.com.ua
www.legalcontentua.com

Subject Issuer	Validity	Valid
aidheps24.space GTS CA 1P5	`2023-07-14` - `2023-10-12`	3 months	crt.sh
novy.tv Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
player.bidmatic.io R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-05`	a year	crt.sh
player.vertamedia.com R3	`2023-06-11` - `2023-09-09`	3 months	crt.sh
adtcdn.com GTS CA 2P2	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.onthe.io Sectigo ECC Domain Validation Secure Server CA	`2023-07-03` - `2024-07-02`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-21` - `2023-12-22`	a year	crt.sh
aux-log.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-07-05` - `2023-10-03`	3 months	crt.sh
player.adtelligent.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
d.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2023-01-20` - `2024-02-04`	a year	crt.sh
files.bidmatic.io R3	`2023-06-18` - `2023-09-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-05-27` - `2023-08-25`	3 months	crt.sh
static.adtelligent.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
files.unocdn.com R3	`2023-05-27` - `2023-08-25`	3 months	crt.sh
ads6.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-06-28` - `2023-09-26`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
aux-log.bidmatic.io ZeroSSL ECC Domain Secure Site CA	`2023-06-26` - `2023-09-24`	3 months	crt.sh
aux-log2-sh.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-05-24` - `2023-08-22`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://aidheps24.space/
Frame ID: 339BBF2510162D8C9F8739FDDACCE66E
Requests: 224 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 3660ECC09806BD23534DF21C679A1AC1
Requests: 1 HTTP requests in this frame

Frame: https://static.adtelligent.com/static/jsvpaid.js?cb=07061922
Frame ID: 128CAD6D0C0F149352383FD06A7B700B
Requests: 4 HTTP requests in this frame

Frame: https://static.adtelligent.com/static/jsvpaid.js
Frame ID: F8914F0752C0A04D47B97401FB5DEA5D
Requests: 6 HTTP requests in this frame

Frame: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC07B09C223E2B47E565209C460078F1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 93CE9BF7856AAB4A3214B6D30B27598E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5216369895775830525
Frame ID: A359DBCF75C57027709DC21DED6445DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 5CFFA56DADF2EB1196006A68959731E6
Requests: 12 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: ADAD74FC880FB8D55C284B00E8C1F2E7
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D2138F9BC16C20070C2DCC0577E9AB9B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825977605228
Frame ID: A462E7023DE4A930C14545A1F5349D70
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5815451935532111623
Frame ID: 4DF4A1B7D1B76A0E9D97DD2FDC2C474A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=421D1484-8304-4307-8AD8-4A032C2539E2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: D0BC8DA425F41703D399068602E2F7BB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=421D1484-8304-4307-8AD8-4A032C2539E2
Frame ID: 468DF11E5684DEF5812C6B3710E05585
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR7aWDHHkyIV90HVVFq5Y2x2Qa_HB3-1mrdrqe3fCR1-ELL7XV2MS-j0162ZgabMgNTZdFFuQorSAYOOBgpdQQZIhplkoxyZ4r_uTAr9dxGiGgVHH3e4GTBF8-tAfusNRHYog8sdw40j-v0rBWXwZULxfm4qNPtllSzwBj3C_X_3ygijkvLS3ge2htZFshVuhWwK8i9U4rbAmBoraVe1F0ZHP3CB5cNNm4-jzxhqx5EkdUE3H2-AqzxZmIqFRw-yfWGlSsXwmIUPkUtJsJ0Xwm9yPTQUXK6-Tdac7CmUOKMA99EET_hOwP2aHHT8RsPq09ggO2OFCC_vMZktdYQwfaMLsjc5O8kHSSd5pX&sai=AMfl-YQy5UWmHc8S8fOJTsCLeFMkLOX8BWj4nACQNGlTvoCR3vpOSNpcGnJ5EZtTVTz3UfuxsnQ84JDd-VTRBWeHTnsS4M_-yn-eVfvIqYzcnJVcP7lYGIsieWN9kpESDrwk1Tm_oC3YDBLPMa2twLlF&sig=Cg0ArKJSzCutJ70XdKgZEAE&uach_m=[UACH]&adurl=
Frame ID: 97814E0C20BFE14FD7041A1701F20EA9
Requests: 6 HTTP requests in this frame

Frame: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9329ED75F788BB96968035E34B67DBD8
Requests: 7 HTTP requests in this frame

Frame: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8DD30B9C10BD927AC410F75C83DD8888
Requests: 7 HTTP requests in this frame

Frame: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42CF1340BF18DD188FA2A31C651BE558
Requests: 8 HTTP requests in this frame

Frame: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C71E89C92C89473EB3D897100F72F35
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html
Frame ID: 32AAAB1434C47C64C87947E4B7395EC9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 175323E5B8A95F3C4102AC89480D349E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html
Frame ID: 8D5A9D7AE55D085F93984B9E976DABCB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0FE6235307469BE092DAE8EC451B4528
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html
Frame ID: 47AC75368448753F6A813385F207148B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C426A2551BD1AB502CB9984F04AFCDBB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html
Frame ID: 49AE94EB7F5237FF0D63C43648BDEEF2
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 805D0700A11F32CE058BA9F5C716D5EE
Requests: 2 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=168933680363147541943
Frame ID: F5DF3D6BAE33A8931FF7BEE1F45774D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40BB63BB2FD196D1027459214E1B3152
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 03D2C81D425F7306618D7ABCAB51ADC4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Грошова допомога ACTED: як отримати, та хто може оформити | Новий канал

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/material(?:\.min)?\.js

Plyr (Video players) Expand

Overall confidence: 100%
Detected patterns

https://cdn\.plyr\.io/([0-9.]+)/.+\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

343
Requests

94 %
HTTPS

36 %
IPv6

40
Domains

76
Subdomains

53
IPs

12
Countries

3061 kB
Transfer

10727 kB
Size

60
Cookies

78 Outgoing links

These are links going to different origins than the main page.

URL: https://novy.tv/ua/

Search URL Search Domain Scan URL

URL: https://novy.tv/?s=

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/07/14/groshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty/

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/projects/
Title: Проекти

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/yepytannya/
Title: єПитання

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/tvproject/univercheck/
Title: УніверCheck

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/moloda/
Title: Молода

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/le-marshrutka/
Title: Lе Маршрутка

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/
Title: G.SPACE

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/budinochok-na-shhastya/
Title: Будиночок на щастя

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/tv/
Title: Телепрограма

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/videos/
Title: Відео

Search URL Search Domain Scan URL

URL: https://novy.tv/video-srchttps-player-starlight-digital-embed-f4d4f83ec80eb93fbe9db7ec1f8e43356c709f1a97f7588473c2c5ed3cbc905c-noad-video
Title: Робота українських бізнесів попри війну. Співпраця чернігівської швейної фабрики зі SkyUp 13 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/yak-vyglyadaye-suchasnyj-shkilnyj-rozklad-v-pryvatnij-shkoli-midgard-zaprovadyly-uroky-volonterstva
Title: Як виглядає сучасний шкільний розклад? В приватній школі Midgard запровадили уроки волонтерства 07 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/ye-pytannya-12-vypusk-2023-dyvytysya-onlayn
Title: Народний гумор проти сучасного. єПитання. Випуск 12 05 червня

Search URL Search Domain Scan URL

URL: https://novy.tv/yaskravi-emoczi%d1%97-z-aerodium-kyiv-ta-shhastya-vid-svobodi-polotu-v-najvishhij-aerotrubi-kra%d1%97ni
Title: Яскраві емоції з AERODIUM KYIV та щастя від свободи польоту в найвищій аеротрубі країни! 01 червня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/kasting/
Title: Кастинги

Search URL Search Domain Scan URL

URL: https://novy.tv/vitannya-z-dnem-buhgaltera-2023-u-virshah-ta-kartynkah
Title: З Днем бухгалтера 2023: привітання у віршах та картинках 14 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/den-buhgaltera-2023-koly-den-buhgaltera-v-ukrayini
Title: Коли День бухгалтера 2023 в Україні? Цікаві факти про свято 14 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/lyubovnyj-goroskop-na-2023-dlya-vsih-znakiv-zodiaku
Title: Любовний гороскоп на 2023 для всіх знаків зодіаку 14 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/shho-bude-z-ukrayinoyu-u-2023-roczi-goroskop-vid-chat-gpt
Title: Що буде з Україною у 2023 році? Гороскоп для нашої країни від нейромережі Chat GPT 14 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/showbiznes
Title: Шоубізнес

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/na-style/
Title: Мода

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/goroskopi/
Title: Гороскоп

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/aktualni-novini/
Title: Афіша

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/golovni-novini/novyny-voennogo-chasu/
Title: Війна в Україні

Search URL Search Domain Scan URL

URL: https://novy.tv/donate/
Title: Підтримай Новий канал

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/07/14/groshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty/
Title: Укр

Search URL Search Domain Scan URL

URL: https://novy.tv/ru/g-space/layfhaki/2023/07/14/groshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty/
Title: Рус

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/07/14/groshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty/#nav

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/showbiznes/
Title: Новини шоубізнесу

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/retsepti/
Title: Рецепти

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/pro-proekt/
Title: Про проект

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/news/
Title: Новини

Search URL Search Domain Scan URL

URL: https://novy.tv/wp-content/uploads/sites/96/2023/06/istock-1212738741.jpg

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/06/19/dopomoga-vpo-vid-norvezkoyi-rady-yak-otrymaty-vyplaty-ukrayinczyam/
Title: Допомога ВПО від Норвезької ради: як отримати виплати українцям

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/06/19/vyplaty-vid-estonskoyi-rady-yak-otrymaty-vyplaty-ukrayinczyam/
Title: Виплати від Естонської ради: як отримати виплати українцям

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/06/09/yak-otrymaty-dopomogu-vid-oon-pensioneram-pokrokova-instrukcziya/
Title: Як отримати допомогу від ООН пенсіонерам: покрокова інструкція

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/06/09/dopomoga-vid-oon-yak-oformyty-onlajn-ta-oflajn/
Title: Допомога від ООН: як оформити онлайн та офлайн

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/tag/gspace/
Title: gspace

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/tag/vyibor-redaktsii/
Title: выбор редакции

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/tag/layfhak/
Title: лайфхак

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/news/
Title: Новини

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/07/14/vitannya-z-dnem-buhgaltera-2023-u-virshah-ta-kartynkah/
Title: З Днем бухгалтера 2023: привітання у віршах та картинках 14 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/07/14/den-buhgaltera-2023-koly-den-buhgaltera-v-ukrayini/
Title: Коли День бухгалтера 2023 в Україні? Цікаві факти про свято 14 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/07/14/lyubovnyj-goroskop-na-2023-dlya-vsih-znakiv-zodiaku/
Title: Любовний гороскоп на 2023 для всіх знаків зодіаку 14 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/videos/episode/video-srchttps-player-starlight-digital-embed-f4d4f83ec80eb93fbe9db7ec1f8e43356c709f1a97f7588473c2c5ed3cbc905c-noad-video/
Title: Робота українських бізнесів попри війну. Співпраця чернігівської швейної фабрики зі SkyUp 13 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/videos/episode/yak-vyglyadaye-suchasnyj-shkilnyj-rozklad-v-pryvatnij-shkoli-midgard-zaprovadyly-uroky-volonterstva/
Title: Як виглядає сучасний шкільний розклад? В приватній школі Midgard запровадили уроки волонтерства 07 липня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/videos/episode/yaskravi-emoczi%d1%97-z-aerodium-kyiv-ta-shhastya-vid-svobodi-polotu-v-najvishhij-aerotrubi-kra%d1%97ni/
Title: Яскраві емоції з AERODIUM KYIV та щастя від свободи польоту в найвищій аеротрубі країни! 01 червня

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/o-kanale/
Title: Про канал

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/priem-signala/
Title: Прийом сигналу

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/biznes/
Title: Вакансії

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/pravila-sajta/
Title: Правила сайту

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/oblichchya-kanalu/
Title: Керівництво каналу

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/redaktsijni-printsipi/
Title: Редакційні принципи

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/struktura-vlasnosti/
Title: Структура власності

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/finansova-zvitnist/
Title: Фінансова звітність

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/news/2021/03/25/stan-spivprodyuserom-novogo-vislovi-svoyu-dumku-v-onlayn-opituvanni/
Title: Змінюй Новий канал

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/privacy_policy/
Title: Політика конфіденційності

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/problemi-z-priyomom-signalu-kanaliv-grupi-starlightmedia/
Title: Проблеми з прийомом сигналу каналів групи StarLightMedia

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/kontakti/
Title: Контакти

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/reklama/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://teleportal.ua/show/novyy-kanal
Title: Новий канал шоу

Search URL Search Domain Scan URL

URL: https://teleportal.ua/ru/serials/novyy-kanal
Title: Новий канал серіали

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NovyChannel/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/novy_channel/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/novychannel

Search URL Search Domain Scan URL

URL: https://t.me/novytv

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@novy_channel

Search URL Search Domain Scan URL

URL: https://vb.me/novychannel_pw

Search URL Search Domain Scan URL

URL: http://www.slm.ua/

Search URL Search Domain Scan URL

URL: https://ictv.ua/ua/

Search URL Search Domain Scan URL

URL: https://www.stb.ua/ua/

Search URL Search Domain Scan URL

URL: https://vikna.tv/

Search URL Search Domain Scan URL

URL: https://fakty.com.ua/ua/

Search URL Search Domain Scan URL

URL: http://www.legalcontentua.com/
Title: www.legalcontentua.com

Search URL Search Domain Scan URL

URL: https://novy.tv/ua/g-space/layfhaki/2023/07/14/groshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty/#top

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-34&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-34&value=&_bee_ppp=1

Request Chain 165

https://gaua.hit.gemius.pl/_1689336801584/rexdot.js?l=100&sendf=24&id=d1.rEoejCKpTUXcV_Qtrd2YkXfXZSUcASgjXuacs.iT.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Faidheps24.space%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=SRB3TiL6tqaOgrBq0hyZOyllUgaulCrF408zyqjdQTv.Q7UuTmie0bn8pY__5XBoueQ6F0Obr_vBUqllvJQJS6VJS_Gh/BgIlI5kcAHYh5/&fpdata=SGZ3rPTi3xev5SPqa_cMoiJleEydH7_DXyeElxbLOL7.p7&ltime=303&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=64b13be110ade380&brts=1689336801&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1689336801584/rexdot.js?l=100&sendf=24&id=d1.rEoejCKpTUXcV_Qtrd2YkXfXZSUcASgjXuacs.iT.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Faidheps24.space%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=SRB3TiL6tqaOgrBq0hyZOyllUgaulCrF408zyqjdQTv.Q7UuTmie0bn8pY__5XBoueQ6F0Obr_vBUqllvJQJS6VJS_Gh/BgIlI5kcAHYh5/&fpdata=SGZ3rPTi3xev5SPqa_cMoiJleEydH7_DXyeElxbLOL7.p7&ltime=303&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=64b13be110ade380&brts=1689336801&fpcap=

Request Chain 202

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5216369895775830525

Request Chain 204

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8042858467766948337

Request Chain 205

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c4de7f4f-eed1-4a82-b6d3-ebfb50cd3523

Request Chain 214

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825977605228

Request Chain 215

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5815451935532111623

Request Chain 216

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=421D1484-8304-4307-8AD8-4A032C2539E2&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=421D1484-8304-4307-8AD8-4A032C2539E2&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qh0UhIMEQweK2EoDLCU54g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 220

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1609536904 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=421D1484-8304-4307-8AD8-4A032C2539E2

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDIxRDE0ODQtODMwNC00MzA3LThBRDgtNEEwMzJDMjUzOUUy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDazza6EZI37FJFVkoC5iHI&google_cver=1

Request Chain 225

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6487804213720259050

Request Chain 267

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 280

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 282

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 285

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

343 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aidheps24.space/ 171 KB
48 KB 677ms
620ms Document
text/html 2606:4700:3033::6815:a27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:a27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f45db1868dd27c430cf4c482fc19021007e6a2237e92bfd97cd4976dc96bb5a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e69add4487e362f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Jul 2023 12:13:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHKjFMtEWOkuW%2BQXxLTQOXlk4OL195f%2Bbsw59YOU41iZwL0fJjJTuqgP9H%2BQGwRLmx41ajzTeFYMhwawpaoQTQHtrfW9WihHUMaeb2WpJSVrUMDAsOuK0e7sLHtc1TT35VdQYF%2B9ogYCI1tR28w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 azx4VPqZwhqcIb5bslHpP8lX1jc.js Show response
novy.tv/cdn-cgi/apps/head/ 6 KB
2 KB 115ms
43ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/cdn-cgi/apps/head/azx4VPqZwhqcIb5bslHpP8lX1jc.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3dc7a7cf4fe184a480b5209c00254d33450ca33adac2992002af1be8b80fd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
x-amz-version-id: tGTvFJO5pkxc0avMvgLX5SFOZnRZbT9r
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: DKE9WWYD2DAEBN1W
age: 14797244
x-amz-id-2: OCj7PeT4BiHvpBUxDV2d8x2qX2a0sisramTO8COhgwJAqrgeeOXgkMMq3jEFRy1SaVGREq7teXI=
last-modified: Wed, 21 Oct 2020 18:07:14 GMT
server: cloudflare
etag: W/"3d8f9112cff9f37a2b49d6e113d89f47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtG7MMUdbG5uIl66vI87t2SwKetRghOvCkdVd5cBRLJzeYNsC3nzH5J5FoIJwjBQT6Gqgw7PfgUGFjv9B5SuWLzSky7No8bqpdX83Kzo%2FLzpUtLZX7INIzUs6x3Gatsqg4ukwcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e69add8cfea9a3f-FRA

GET
H2 200 frontend.css
novy.tv/wp-content/plugins/sld-constructor-x/ 5 KB
1 KB 96ms
24ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/sld-constructor-x/frontend.css?ver=1.0.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c082602225b5a8142f6e283c400a2a1a5729b3ae216a6245c1432f544acfdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43293505
cf-polished: origSize=6701
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:32 GMT
server: cloudflare
etag: W/"621605c0-1a2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQoHEds1AtEsp84tNG9Bx4r%2F%2BYs8OUmZ%2BGwlTMgxR7c4rqZFDnEbSZbyVcNrTC0wdPrGlQC4MEAufIzW8U31UQKK4UfijQFaBv%2FloxDL6LK2wQh%2FKmoySMEVcyvo%2B9uhSIJAxHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfbb9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap-material-design.min.css
novy.tv/wp-content/plugins/vandt/assets/css/frontend/ 114 KB
12 KB 99ms
28ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/css/frontend/bootstrap-material-design.min.css?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a13d78d84bef8c4d761d0d619cbda472dc600f34390bb990fbc2afaf580077

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Mar 2023 15:02:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10937879
etag: W/"6409f50c-1c665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuDb0%2Fftxz%2Bb8T3C5pXOw5aUtgI59mCohv28GvsmsnStX9e0S0Z5GArS1%2BLzlGuVNZd%2F87284WXd%2FSOw9bjeDyxylZcoeTZ2DiRWeHRRiGSwU6U87hCUzgbg0eju3GMdZ%2BVZfJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfbc9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ripples.min.css
novy.tv/wp-content/plugins/vandt/assets/css/frontend/ 988 B
793 B 92ms
20ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/css/frontend/ripples.min.css?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12868a14f253a4b0f3adc6b2cc61ccf92d0e6970c7dd34e6eb76cf198ec4d10b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 16:23:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24522536
etag: W/"633b0c7c-3dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olS%2BTn2HjHdJPxudn8a%2BQ1O43nCaMVToJNEJE00AgfNLvxammCmbDjtrnhlqv2vd75r86iljKmZoFoHZ4t5U5LCcL1Qq%2F0xstYVEbpIOPkPgJ0aziy8neRYGIfFjhwycyyrKECU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfbe9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 material-icons.min.css
novy.tv/wp-content/plugins/vandt/assets/css/frontend/ 668 B
595 B 93ms
22ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/css/frontend/material-icons.min.css?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a803a843e08672d32a7a99457ff0f2f5d341c99c9a8ea11600f64a67bd744e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 16:23:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24522536
etag: W/"633b0c7c-29c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKrBJPn7EQjbvnJN346Z0PAzRccA5dl%2BL75eZRjFm59DoMnX1%2B5dFJYgrwE4hGQ5kGkiy1KX2R2yHIzpUmLCY0hPXYPI4k8%2FYtIZ2T0ZCVuYLTishBT8FnJXO%2FAO6CBqDkuIdgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfbf9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
novy.tv/wp-content/plugins/vandt/assets/css/frontend/ 12 KB
2 KB 93ms
22ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/css/frontend/main.css?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262530703d8d0ec8c9b9337a490e7419d8322b4d368c6f339bb759aefd3cc201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24522536
cf-polished: origSize=15554
cf-bgj: minify
last-modified: Mon, 03 Oct 2022 16:23:24 GMT
server: cloudflare
etag: W/"633b0c7c-3cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ed0HqD5RbT4JHoebjAAPRePTn5zt0RC7o6AE1v4INSq6aYLZ%2Fp2%2F46KjwLMZvShOJEVzBQ3f9XKjJ38D8pBFLDj0D80rNfi5UH0bVCcY4Nc7bFXkEUVOitps0wTJOfRXf9lfKPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfc19a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.css
novy.tv/wp-content/plugins/wp-quiz/assets/frontend/css/ 57 KB
5 KB 94ms
24ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/wp-quiz/assets/frontend/css/animate.css?ver=3.6.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43293505
cf-polished: origSize=75052
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:36 GMT
server: cloudflare
etag: W/"621605c4-1252c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NExKwPHzFZKf72CPjaofVRel7TPrG76DnegbeCj1KErZ1NeSa692lWra1%2FFwgraYVLa%2BrklqtX1E%2BZrahTM0Nh%2F93cHmo5sh2lw%2BaDiXszyev6W9msIN4dez2CmBatnUFTCd8As%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfc29a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-quiz.css
novy.tv/wp-content/plugins/wp-quiz/assets/frontend/css/ 19 KB
5 KB 102ms
32ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/wp-quiz/assets/frontend/css/wp-quiz.css?ver=2.0.6
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc361f91c39cc5a669735c0dba8bf82e191eb666036a5b797a816708c79116ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16483141
cf-polished: origSize=19453
cf-bgj: minify
last-modified: Wed, 28 Dec 2022 11:50:54 GMT
server: cloudflare
etag: W/"63ac2d9e-4bfd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVgRq3X%2BB97yjKncK2O0gtRUWeyf2piXicFMIARrIXkQN8VtIssECBIEki9kVWUZACn4sTIUO19XOQypXuQU2qF0xzjrL4fk%2Fbk5FGVu4h2zPwpukqXD%2Bdn%2B4TbzxMf3oMTbdFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfc59a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.css
novy.tv/wp-content/themes/novy-2018/js/fancybox/ 4 KB
2 KB 96ms
25ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/fancybox/jquery.fancybox.css?ver=2.1.5
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28525796
cf-polished: origSize=5356
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 08:11:44 GMT
server: cloudflare
etag: W/"62fdf440-14ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnx7z1zqPW6NN1MElg18W4wMYOj%2Bgmr6HVlAt%2BqV9H2Pg%2BegZ8SdWvOTwZHke6aoSXPQx5GbhJ2wDaT%2FMeU8xiS9TQLlLShwJ0IiNTNy7gdb9VXef0SBw4ilqXbRPHhRGozolSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfd59a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flexslider.css
novy.tv/wp-content/themes/novy-2018/css/ 4 KB
1 KB 99ms
29ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/css/flexslider.css?ver=1.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f493194d3150b2a1cf0d88f63e0e9288c6a8ee24dbf57c171fea74f1ecf01b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45018307
cf-polished: origSize=6806
cf-bgj: minify
last-modified: Tue, 08 Feb 2022 09:46:33 GMT
server: cloudflare
etag: W/"62023bf9-1a96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daqoLEJqv4UjosNRV2g7q2NFUkGonGoV7pHYMWa0BX8JnT%2BNLXztshzy1Du4UsbHWbu%2Fvn%2Fbh6zI7vAB06HfRl7%2FlVOWYzv2lbGOSPPy1q9OXdcqdgD%2FIb6Zl8CzoZueV0y5WU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfd29a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-style.css
novy.tv/wp-content/themes/novy-2018/ 276 KB
49 KB 107ms
37ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/main-style.css?ver=2.12.18
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312a693b86d502e6a7bc01f32c68b6570d8fbd732e0418146565d73ebd8b303b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28525796
cf-polished: origSize=375906
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 08:11:43 GMT
server: cloudflare
etag: W/"62fdf43f-5bc62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BAQDVxDS30UHhw%2FLc%2FZ8%2FC07D0yylrRVjOsCTQSRR6IN0oh0vYX8x3JjNaiIRfmKwvjT4xxTzQ5rH61dEEO%2FmIgI20Q6WNHkdjprMfHFusQp8VE5jaUeRASXtStkYyRs58vzUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfc99a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style2018.css
novy.tv/wp-content/themes/novy-2018/css/ 96 KB
15 KB 108ms
38ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/css/style2018.css?ver=1.2.5
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ef6101ab1deb73807e4fa52359cf2b4df761d3d22259f63d0ba497c8b82eba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22024471
cf-polished: origSize=121915
cf-bgj: minify
last-modified: Tue, 01 Nov 2022 14:17:17 GMT
server: cloudflare
etag: W/"63612a6d-1dc3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rridp%2FMqDyZDWE%2F6RnJZJgFgwmXU0aWWG1Yn4%2FynQWdbG%2Fvyg%2BQRPS7Ny2%2BqGaWhXK5ywhuwluvlj7NzjkEgop5NBRm89LMG50DIGUjn%2BxEQjOhjeuanWhB6V8I%2BMlo7DOR2SFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfd09a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adaptive.css
novy.tv/wp-content/themes/novy-2018/css/ 9 KB
2 KB 112ms
42ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/css/adaptive.css?ver=1.0.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633ec08442e776417d0557e6b58fefff6f99691aa1a4d043ab8a9ae87593b279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28525796
cf-polished: origSize=11263
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 08:11:43 GMT
server: cloudflare
etag: W/"62fdf43f-2bff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoTi4QENCd2CNqv3x2Ehex3NTF8GdZhDXXv%2BZICA6Fq8J4%2FyWP%2FAtYcerav4VkNar9WpQpSy%2B9JaW93%2FGPIAZpKqtIGHykit%2Bm%2B7c8AnETw3Vg7qO53tOuBa7Se6Nr%2F6QNlTe1E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfc69a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 grid.css
novy.tv/wp-content/themes/novy-2018/v3/css/ 1 KB
757 B 96ms
27ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/css/grid.css?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ad40996dd4b8c331c4be156727f769074c37aefb0d26581771f05d891361e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17897778
cf-polished: origSize=1866
cf-bgj: minify
last-modified: Mon, 19 Dec 2022 08:32:56 GMT
server: cloudflare
etag: W/"63a021b8-74a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLObAtBK4v%2FJh05iXhYVgQUQGzCtj1H6Fvtm9GNJMnhueZD9VSMyR1BZ8x0x6fON0hRYVi9poRt2Mqyrp0kpYJAxVaJKH%2FKdxqgfzEMYdY8t1irGvTpReldgs%2Fxq68OH4KLz8%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfcf9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
novy.tv/wp-content/themes/novy-2018/v3/css/ 31 KB
7 KB 103ms
35ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/css/style.css?ver=1.2.6
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e536dccb0560e5570765fd7cff4a66ecadc2b67b3f67163320350da9e4e377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10962405
cf-polished: origSize=43038
cf-bgj: minify
last-modified: Thu, 09 Mar 2023 15:02:40 GMT
server: cloudflare
etag: W/"6409f510-a81e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GuWBH6ZOzNWfHbtgAD9gp5AWrQFrAVNSPgEkePBibf29uulwezJl2cP7mBRT1lzKAqOy0fQcejzMM7nFohJAnmi3k28HsxMEdLYRrxSoHi5B5w%2FeG6IiXy%2BMRB1PHP9P%2BdvbSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfcb9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advertisement.css
novy.tv/wp-content/themes/novy-2018/v3/css/ 2 KB
1 KB 105ms
37ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/css/advertisement.css?ver=1.0.3
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1552105b34dc0cc63f46f81622d2d904dffe0ba807d4f9972bf77d905a5c5ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18904497
cf-polished: origSize=2444
cf-bgj: minify
last-modified: Wed, 07 Dec 2022 16:54:44 GMT
server: cloudflare
etag: W/"6390c554-98c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKMqYzm6Yqlo9PmUzgr7PUXYbdj6nPlS0TnM8G7pQItlH%2B2dNkSN%2BOoW%2F8mKZj6W%2B8Y6QS7SrjNTjfwCrdt0qfC6vqVbJQElP8SmT4OpLJjQNEvYEc1MUxWKBx%2FhUb9xEflqvxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfc89a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chief-slider.css
novy.tv/wp-content/themes/novy-2018/v3/libs/chief-slider/css/ 2 KB
1 KB 104ms
36ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/libs/chief-slider/css/chief-slider.css?ver=1.0.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20aecea986a9492b8b2b217fa9c056f1b916df45afa7905906fd9e58e931188a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43293505
cf-polished: origSize=3019
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:41 GMT
server: cloudflare
etag: W/"621605c9-bcb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt2H%2BkuS2y5xiz3MqMmkW%2FWe5ruuzrf01zVZL%2BpatCsB4yRV%2F2Lv%2F8Pc8sRYhnd7NPXcO5faXoD8HBmab4aPc2csujji22TzblckG9kqoRPHZhrzhH5bp1qxZmF5QrR37i314HQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfcd9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 testme_style.css
novy.tv/wp-content/plugins/wp_testme/ 924 B
710 B 91ms
23ms Stylesheet
text/css 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/wp_testme/testme_style.css?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de752507391e127ebb736c0ccd43c51e6cc54ece82f6ebeb3e10c766132bd7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24894746
cf-polished: origSize=2460
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 08:56:50 GMT
server: cloudflare
etag: W/"63355dd2-99c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8RzLqq5DGycn1QsFO7CgcpOxbx7xZzWSecF0uK9v0YbJDZY5r7t91Ae3CxYym9J7DslwU1Xwc0ZaBwmuiKUbadBSGf1JIcAx17Y0HXw67y7fsL8IA4uLbVHoauVAV3EjYPUUCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7e69add8cfcc9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
novy.tv/wp-includes/js/jquery/ 87 KB
32 KB 115ms
47ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 08:56:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24894746
etag: W/"63355dd6-15db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nmKcluqfzJHnMMvk1gfshZl6C7NC4vHPLm1FSIm9zlQMUqXtBxtQPQpwgouMCcIN7b9y4nw07mJao6woZ5Gkt9gc8gt8mysVvxeVbAK8Scz0qp7SH55HOJfcZ4oDchBN6NPcxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfef9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
novy.tv/wp-includes/js/jquery/ 11 KB
4 KB 109ms
42ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Apr 2022 13:08:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 39515511
etag: W/"625579ce-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kppAXG0PQP6ceUlxEdMtCjm3PZYuYwxVWAlyh2OKcnGFyMTjYXDcfRy9z4Kkm%2B6eTXX0%2F87VyIu2BfbV5pjaRtxIcROcKGWUDP8Ilc3jk%2By3gKtPGZwz8%2BnQDomXPloEpxEe8%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfed9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
novy.tv/wp-includes/js/jquery/ui/ 20 KB
7 KB 110ms
42ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 08:56:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24894746
etag: W/"63355dd6-50eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9ZQ%2Fi2keBC9nv4WzBaUuxK6Esc9NnyVcpVcWjmNVoykzwuxr%2F6%2BIs8IE5%2BvZeWec48HOPD2cTqSwqbOGmfnmm1c9qF72mx902T00hJa4Ykr89HELGDGTA8G13%2B45eqOsVyqNic%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cff19a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load_more.js Show response
novy.tv/wp-content/plugins/sld-con-novy-episodes/ 1 KB
824 B 121ms
54ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/sld-con-novy-episodes/load_more.js?ver=1.0.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9215f2ae1aabfcb72341425fc577e854ea6e722398bf890140d1eef0d9a63125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43577344
cf-polished: origSize=1900
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:32 GMT
server: cloudflare
etag: W/"621605c0-76c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHgpLYfYdoBVdPYF242cViMUJgLTX%2BCdF%2Fr7EnylRZn9Ep6JC2sFPkpvq%2B1qBFKnrHSsEu3Gh0loOv3%2FtHsn%2FHqFINCOiJIRXBdbdBmpwX1V%2BAA7ONCKZKtuJCA5JKBtdfoOr4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cff09a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 append_link.js Show response
novy.tv/wp-content/plugins/link-on-copy/js/ 1 KB
920 B 106ms
39ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/link-on-copy/js/append_link.js?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a170a2136ac35a9346cfedb12eb6e6dd61aa5d08ee556c80333976f4aeccecb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24894746
cf-polished: origSize=1505
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 08:56:44 GMT
server: cloudflare
etag: W/"63355dcc-5e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4QYyqTojUCNWh5RCSX%2B%2BP7fy10L7MZd1jKg0WF9goRg%2Fw9RpRacwGrD9xUmrdOifLGoxs7If%2FxsLJS6vUGozqev0mVZLEeCOH8g2IUpcCxaxcrl1SDTOMhI1Iq8LUUlR2VRahM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfe29a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 circle-progress.js Show response
novy.tv/wp-content/plugins/vandt/assets/js/frontend/ 4 KB
2 KB 97ms
30ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/js/frontend/circle-progress.js?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2c85754d9483addaf3d128e7b28516f9ec28eb01d0c8de8d9fe6e4498e1628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1863518
cf-polished: origSize=4446
cf-bgj: minify
last-modified: Wed, 21 Jun 2023 09:04:24 GMT
server: cloudflare
etag: W/"6492bd18-115e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EqAmBNatYt043fe2vUsoo0esJ947cIr0qZOo7cnjkTerF2H0CpJpTQdGj0BSJM%2BCaRapTGsK42YIk7Rv%2FG3p3kNyBB98rfj4NAa2rVE0T9TIJy9u32boive7lcK0R71STLNxHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfd89a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ripples.min.js Show response
novy.tv/wp-content/plugins/vandt/assets/js/frontend/ 3 KB
1 KB 105ms
38ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/js/frontend/ripples.min.js?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce487a64fbd92ab717241ae535b45a8bc008ac7db0fcc43f4033c4086344bd27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 03 Oct 2022 12:15:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24522536
etag: W/"633ad26b-aa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BReYS%2F1R4Da4tVUediydTuyFWJblqLeKZA1I6bCUtsGgXJ%2ByTZwT6%2F2PbMiG0m7xOZK4QqZ1fHWkNNlhQO4MMnpCWX%2FrM3UUcmcjQhQRkJJTYJzFXKsbqLe9rHGX13kha9%2BJcP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfe39a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 material.min.js Show response
novy.tv/wp-content/plugins/vandt/assets/js/frontend/ 5 KB
2 KB 105ms
38ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/js/frontend/material.min.js?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58cc61823190fe6cc648d14c521055c3801484b5d74604aaa016e97cbf926775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 10:26:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 116980
etag: W/"64a696c0-15a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5eEuRPkwHhR2FYpAoPSVGJEbpfBf4APuuuJQTnD1zdNK5Y865HaVQE0vxY34hpYrYoNzTnv0IeFu%2BL89jgYgmuWejFumrNYZaR0tF5DJwT4oPONOZMFTwvFeJvGAifKS%2BX8n%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfe49a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
novy.tv/wp-content/plugins/vandt/assets/js/frontend/ 6 KB
2 KB 97ms
31ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vandt/assets/js/frontend/main.js?ver=1.2.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f42b87a604e0473edd571121cde804cff5513f844a22b23562a28a4d683396e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24522536
cf-polished: origSize=8157
cf-bgj: minify
last-modified: Mon, 03 Oct 2022 16:23:24 GMT
server: cloudflare
etag: W/"633b0c7c-1fdd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cnG1BShbcKD%2BSe%2FTIJojG%2BiVk46c5qigyxj%2FdZm4Bd1xNbDaUNexbpuVQX0oXOfK2FnOeZGG78tsxoyNx27OO4TmIRpxSU%2FYalur4JwUJl%2BXgsHaYKV0V4p%2FPxNhHx%2BUqlH2Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfdc9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.cookie.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 2 KB
1 KB 92ms
26ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/jquery.cookie.js?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24894746
cf-polished: origSize=3121
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 08:56:51 GMT
server: cloudflare
etag: W/"63355dd3-c31"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWfFMq8EkL%2BmzGd9q4LuIb1LyGySHGvmgyco%2F7%2FocbipKoloGA931l9zFLliAS0Y8yhhvy2lhPQLeDTDr2WyR%2BjkGyoeVxrbZahHFPfRYJzS%2B01MQA9fqs2LBmbUmuo7XtgqPgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfd79a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fullscreen-logic.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 2 KB
1000 B 105ms
39ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/fullscreen-logic.js?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66449986d1ee8f220f4a763bdf6d1ace8b447ded98e7e901dd0bbe014691056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24894746
cf-polished: origSize=2696
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 08:56:51 GMT
server: cloudflare
etag: W/"63355dd3-a88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAoXSpmmNcjbzvZCgA5tEz9UQTSQNpYxPoRi%2BlnAH%2BBPqQULLUDWAw%2B083UwyHaIiCxuu7NRfwC5NapIF0xIjFyCwTSjv0ZnOwuNOTNlDRlP8ezeCmZLjuMzKt8jKbj9U5Cs5T0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfeb9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moxie.min.js Show response
novy.tv/wp-includes/js/plupload/ 86 KB
28 KB 108ms
42ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09bbeb1b10e71c0eed00d14a36252b1d7c628b1facc82c113fc6300c6c3461e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Feb 2022 10:00:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 43577344
etag: W/"621605cf-15681"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcERQLbZ9b2h3UK2elh5STOKuKzfihlpdiqwXeh49ckvwTUHp%2Fv9%2FRy8SABcdTAsLsUZiHQvEY%2FkNEfCc51q%2BLszt2AdukbD46aZgt34IzodZOlEmX2hOfd4Yf%2FZLtsIcP5i5b4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfec9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plupload.min.js Show response
novy.tv/wp-includes/js/plupload/ 15 KB
6 KB 99ms
34ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 07:28:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 57836410
etag: W/"6139b783-3cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkFhFwyFvcPpdJ1ynrHy7LeUqAr3dEF3qDH3YsL4ZbHkBUlVEBee98x3c152dD8Ua70BOBxde%2BoL%2BIXlG2uv2UgAGYW6kYyxNPtnMDutr18HAxf06WojCzlTJbLR%2FJcRVfHHp7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfd99a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 form-builder-shortcode.js Show response
novy.tv/wp-content/themes/novy-2018/new/deco/js/ 6 KB
2 KB 108ms
43ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/new/deco/js/form-builder-shortcode.js?ver=1.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fb18464ca8247411c2a298472fe63187e054946cfd825ad711c678fb679ccba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43725976
cf-polished: origSize=9793
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:40 GMT
server: cloudflare
etag: W/"621605c8-2641"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATZeGni5uNMH35njDk44ZN4wwxKanm3fHzSpDJWpBRFX6oBrGzZOCkNonc86khkfqLTH1KpYTCvptrz%2B9M5S8X03VHmT6vaxs7qVlkyzNKow8g5kHSZGutP6YQITn5G0Mho9sBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfe09a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loadmore.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 506 B
580 B 106ms
41ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/loadmore.js?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c334028694d1c537a8614e24adefe1388362f00ed20d0cd1f738a03ca74fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22350987
cf-polished: origSize=867
cf-bgj: minify
last-modified: Thu, 27 Oct 2022 10:07:23 GMT
server: cloudflare
etag: W/"635a585b-363"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c83mMeCSPZJtalkHA%2FlvTRlS2hlNDrGnIOy3lVHgqVg%2BsE0vNBBYG5ETxGsegdm12BMrguNBRbgjHPFY4RGR6m%2BsewvKfgl7TAP4g5JBdGMpNSWXl4PSiszICvweQo2Bm7DkuI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfe79a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iac_ajax.js Show response
novy.tv/wp-content/plugins/integration-api-clobbi/js/ 645 B
758 B 102ms
37ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/integration-api-clobbi/js/iac_ajax.js?ver=1.0.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8014d0262bd3fd29a9472e160a179138cf7b89b0d41c4749c4b881545e25baa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43623559
cf-polished: origSize=916
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:01:01 GMT
server: cloudflare
etag: W/"621605dd-394"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DH62FQTV%2BfeJ2zctd%2BeZW6fCNIhuKhhK3M17mPQA1LvB8QPU8dczasxrKIreLvU57ErRcs3Vw5mrtLchIYEkeOCulTmk8URTdqoCnyAg23hJbQp5omSSriQm6JqfGJsSd8ejG3s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfda9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load_more.js Show response
novy.tv/wp-content/plugins/sld-con-novy-default/ 1 KB
807 B 99ms
34ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/sld-con-novy-default/load_more.js?ver=1.0.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 801d1098e7f078d69ac2a579eeb309b171dd595ca85b3a65c3ab6f63419b1475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43577344
cf-polished: origSize=2018
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:32 GMT
server: cloudflare
etag: W/"621605c0-7e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJDeWZ7NVnPmTINdxtoeobb0b4eB6f5j0%2BKgGFYl63VeynulBx3WMdf1Ja5uTDASOHGRWbINPLbI5qdbjnKpY5kP3%2BgUAsK%2FVEBpDwh4Xm5xxndPnfbOM7wJXp2PgZ%2FquziOABc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfdf9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load_more.js Show response
novy.tv/wp-content/plugins/sld-con-novy-medium/ 1 KB
866 B 103ms
38ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/sld-con-novy-medium/load_more.js?ver=1.0.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe56d812dfc3dcdc5209a5e4ecbf326eb83b27a8da6bdbd1b96f1d2aae386f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2462519
cf-polished: origSize=2133
cf-bgj: minify
last-modified: Wed, 31 May 2023 09:37:48 GMT
server: cloudflare
etag: W/"6477156c-855"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jS7Y8F4vWbzRvLmLTChGeP%2BQI%2B%2FC8%2FrAFPjsiLuOsmD7WjTAmDYmupuTOw7WgmeGhoA6HBhQCFrNfgQ3HznQ294KKT%2BxZafr7U4VPoG1Hm%2Fu7jYwSsUdi%2FMdl%2Fepc6KeMLw1F4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfdd9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load_more.js Show response
novy.tv/wp-content/plugins/sld-con-novy-stars_hosts/ 1 KB
823 B 97ms
33ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/sld-con-novy-stars_hosts/load_more.js?ver=1.0.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f0085b9c521ff65bb0334663570bdda282acc3efff58559b73cbd7a4a17ecc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43293505
cf-polished: origSize=1925
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:32 GMT
server: cloudflare
etag: W/"621605c0-785"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRcAwvz92d19BKJHuJVYfv1LOLOte8zbimGqev6EWfQPK6bCXTK418IoVtTQjuH3STFKfw1o2CAENB%2FsYG8J%2BZsVTikMRFFfrJ8z7Y7M1HnriA01q%2B%2Fhgv9srICNeisEfCWzmvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfdb9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load_more.js Show response
novy.tv/wp-content/plugins/sld-con-novy-stars_voting/ 1 KB
829 B 107ms
43ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/sld-con-novy-stars_voting/load_more.js?ver=1.0.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0542a3af2c1612a106460e0978f7d5d81c86856b4662f9343e6bdc917002206a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47969813
cf-polished: origSize=1925
cf-bgj: minify
last-modified: Tue, 07 Dec 2021 14:38:51 GMT
server: cloudflare
etag: W/"61af71fb-785"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdbiVLh2R3fx1xyo0dybMgEJePaSA%2FSGWhvrnDOygZE6RCl9ACGNJHgwyz%2FaLB8q7YKUYSFoBDItUSV%2FIu4O7Q%2FPmqnOESbcX%2BAIqZQTLEIGtCVmAprCyOnZIDUH43FglA6d6sk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfe69a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load_more.js Show response
novy.tv/wp-content/plugins/sld-con-novy-timeline/ 1 KB
789 B 105ms
41ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/sld-con-novy-timeline/load_more.js?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8a37d4bbd62a8a70a1a71afc84a591c29feaf2cf0b2942146517d3afb27016b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24894746
cf-polished: origSize=1727
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 08:56:46 GMT
server: cloudflare
etag: W/"63355dce-6bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXYfSs3avA3EifDeuApfUGwuD2fqcugMqaMJ%2FlhxyioD1RETKDTwr%2FdhAJkP4%2FSX%2FBNxrdpG%2BvspwLRkybo8vkosgAetAK%2B3hf0giScvOl7C%2FT0EDxKh%2B29JA9aTXUi038gISM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfe89a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.min.js Show response
player.bidmatic.io/microplayer/v2/ 15 KB
5 KB 80ms
14ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/microplayer/v2/integrator.min.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bae8d1e64afbef0b01473417b125527c1d7e8d92d8bb26c46abbb1877a20422a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 14:10:08 GMT
server: nginx
etag: W/"644930c0-3dec"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 16 Jul 2023 12:13:20 GMT

GET
H2 200 ados.js Show response
novy.tv/ 19 B
374 B 89ms
25ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/ados.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40090876
cf-polished: origSize=22
cf-bgj: minify
last-modified: Wed, 06 Apr 2022 11:50:53 GMT
server: cloudflare
etag: W/"624d7e9d-16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CZkFv%2FhasyL%2FNT7kt0R%2F4wP5XWXiUf3YDjuZkYmckVl5wlwcp0VwTwtEdJf13nr9u05Kubf8Oa3x6VyQqPjaVvY8LU%2BXs1DZzs2Sv%2F3T6%2BfIF0QiHYUW6O%2FzFeYMoHTW6Hh7aw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69add8cfd69a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_spring.png
novy.tv/wp-content/uploads/sites/96/2023/06/ 4 KB
4 KB 39ms
31ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/uploads/sites/96/2023/06/logo_spring.png
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe44021bb6e2fcee8a524e22b1c90fdfb8de17f5956b2973b4701e9a80c4689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65585
cf-polished: origFmt=png, origSize=6542
content-disposition: inline; filename="logo_spring.webp"
content-length: 3672
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Jun 2023 04:18:39 GMT
server: cloudflare
etag: "6499119f-198e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzjXyH26w4dWdKejcSZQZcTURT6jHsc58uP0hmd6Kwclr20X3HCTPI05Lw5WA8TvXH%2FRmG5%2Fe8sCJD2qrsIqgQb8RX81GzzaNcOMeNwS7De53N%2BFhxjHPCexBwfUkASqpDjG7hE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addafaba9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 novy.tv.1392473.js Show response
jsc.idealmedia.io/n/o/ 3 KB
1 KB 74ms
29ms Script
text/javascript 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/n/o/novy.tv.1392473.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24155fd449b27dba478aba31849bd435cfdba27e5f614c4dd5c60f15b7f1778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: gzip
x-amz-version-id: ZnsIj011xzsRRMLYURRAipGExRkgzyw2
cf-cache-status: HIT
x-amz-request-id: CXQPVJ0AXYVDGKPB
age: 38
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1017
x-amz-id-2: aOAMUHhs8qMtM/sr4m5Ql32iufh97Rp7aRqP6kO6giDVE4kxxEPs8ceiWd5XiSk9nqdSo/nDLu8=
last-modified: Thu, 27 Apr 2023 07:29:48 GMT
server: cloudflare
etag: "b1afdbc8a67d8dddace59f711a7b4cbe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 7e69addb2bc71bdb-FRA
expires: Fri, 14 Jul 2023 15:13:20 GMT

GET
H2 200 outstream-unit.min.js Show response
player.vertamedia.com/outstream-unit/2.11/ 215 KB
58 KB 79ms
12ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 30d26fb316d4e40b1bbc518fd6f379f2ce289db5ab3fc400bf9c5f59cee0d660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 16 Jul 2023 12:13:20 GMT
date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: gzip
last-modified: Fri, 11 Jun 2021 08:33:17 GMT
server: nginx
etag: W/"60c31fcd-35dc2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 shout-icon-green.svg
novy.tv/wp-content/themes/novy-2018/v3/images/widget-icons/ 6 KB
3 KB 40ms
32ms Image
image/svg+xml 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/images/widget-icons/shout-icon-green.svg
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc6e9e4eed8c1a8abc1f19d293d0151e46efaed4005315de255b2cc0da0b476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Aug 2022 08:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28525794
etag: W/"62fdf440-1965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rikPmcMM2%2BwVXTM9HpN8wTGfLewwaVdF8z9V3W%2B6H6H029FK2omlEp9g93HL3o5SUlOVzv0zeVLEJsjJat97FifsnT0lTrQKyCHe7WYAjZ9eTfBJkMCf8Fb4GrO0HcYAL6XJlFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7e69addafabc9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ictv.png
novy.tv/wp-content/themes/novy-2018/v3/images/socials/ 410 B
773 B 38ms
30ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/images/socials/ictv.png
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7097fac153159cf580230139aa18e9cb41d69ce9233b5aa2e904e4f74932123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67163
cf-polished: origFmt=png, origSize=801
content-disposition: inline; filename="ictv.webp"
content-length: 410
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Jul 2023 10:26:12 GMT
server: cloudflare
etag: "64a696c4-321"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyrAahjApj5zoSR6D9hoogS0XqVuXu%2BFpa0A%2BXBxIQCUsAMl5JRDSLblbxh6weYDK%2FihXqAwYvxOk0Eb7spuCGWW4d5cyeokmnYwVbfwnn5XQINmXPyTIwfMZLiCg4YjoCeurPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addafabd9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 legalcontentua-logo.webp
novy.tv/wp-content/themes/novy-2018/v3/images/system-icons/ 3 KB
4 KB 37ms
29ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/images/system-icons/legalcontentua-logo.webp
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295f7d993b81a1b9f86862835671d1c860ead5afbac19cc20e1b6d3214720517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 10:26:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1936
etag: "64a696c4-d98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gr2sf6xzxVu8%2FyZ3WN7YfCFPMGiVmsM3aFB%2F4UIMMYWW7E0t%2FjkyH0mBZVzoJHqHy7nKS5%2FhBrtf69RrDXj%2FP%2Fnz1%2F7whOUlde%2BtI5BT%2BzwimrmOityO9RYXviwuEN0OP2blcww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7e69addafac09a3f-FRA
content-length: 3480

GET
H2 200 testme.js Show response
novy.tv/wp-content/plugins/wp_testme/js/ 3 KB
1 KB 19ms
19ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/wp_testme/js/testme.js?ver=1.1.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c5263bbb83770537d1add11076191723e619b8d94f770a59d31a95aad1bda40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46333399
cf-polished: origSize=3440
cf-bgj: minify
last-modified: Mon, 17 Jan 2022 11:06:15 GMT
server: cloudflare
etag: W/"61e54da7-d70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56Up0PuZxi803%2FPBgpiw%2FsbReCsg7hzAINbui2d9SKfM3wddc3JRJx9QhIJvyk9GhYyRJd7VNaT%2F2ih0V7Yjdypps0ZiM4xeZPUKdePztq2PHGBUGw%2Bcp4N0t3VfyXZLFGA5m4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addaca6b9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adriver.core.2.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 5 KB
2 KB 28ms
18ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/adriver.core.2.js?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daca2dce2dfa30dc3106ef72d8ed8e26cf92b5d6114f427b7729a3b17708c834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24894746
cf-polished: origSize=6066
cf-bgj: minify
last-modified: Thu, 29 Sep 2022 08:56:51 GMT
server: cloudflare
etag: W/"63355dd3-17b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcFZZdKzhY7HLwwocgk447bIKehc%2B4Kq2pVXCkmuemB%2BVzmbovpCqai%2BxDD4rVrZXYVxsNpcuAVbR8x%2FPFBGWSpEUXmJ9Z%2BL4WWxlsOznkOoA%2BpimL2Hn0Dmtis1GOD%2BRvFrmnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafa9d9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.bxslider-rahisified.min.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 20 KB
6 KB 34ms
24ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/jquery.bxslider-rahisified.min.js?ver=6.0.2
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3209c1fc4191f316945ee564f83c7c9c53951300e1f4727a8bc12d075498e0f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 08:56:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24894746
etag: W/"63355dd3-50ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D88aFbUKLuUpz7Cm0JDHzjDlkDVmEu56sEEOX2K41f2syPWiiTu%2FDBIeOsVcIewNPmjQ96Zb8e6XHB0Nr8Cq0vfoyDmpZMRyLeWpEG3DxGAJHH3ZsvxmD92wZgQ8f0vLAhlc6jY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafa9e9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.flexslider-min.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 22 KB
7 KB 33ms
23ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/jquery.flexslider-min.js?ver=2.7.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af1f9ff5761daa81b6c1cdb1a8cf862ea9348fd2d3610ff9a9b454e8eb033f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Aug 2022 08:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28525794
etag: W/"62fdf440-58cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2F0OxFhqJ3k954BBZ7%2FTv9x%2F8SodOlZmb%2Fo2DP%2Fa6R7R9Z2ngXB%2BE0U4sMxeWInwpLYqJbQW9Cd8houFFN5WfeM3y9jBs4%2BSQXiXRp5JaR7p9eYPdSkzRkgGWuaXDSjPMMRPnGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafa9f9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.fancybox.pack.js Show response
novy.tv/wp-content/themes/novy-2018/js/fancybox/ 23 KB
9 KB 32ms
22ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfac49bec33974b027f5e08c4a7e40a76dca5d3d855b5d260c6eb2e9bdd67e9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28525794
cf-polished: origSize=23737
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 08:11:44 GMT
server: cloudflare
etag: W/"62fdf440-5cb9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvY31IR4qMgb1poxeRJK5Vl98n7I1qr1GvPxzgDPG1oWbSDaEd%2F6er8jh1O5siXzrSfQdWifUekq6LcFQbu%2BHqJCQ2ZvU4wXeONQUXkd5hXbSyoDBKreF7HrhVOKWHx3DfdSFVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaa09a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.selectric.min.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 4 KB
2 KB 31ms
21ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/jquery.selectric.min.js?ver=1.6.6
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d99a56c4e6eee8e7d20180889d67482472f80d1ff1c1924f7a24246c6c7be68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Aug 2022 08:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28525794
etag: W/"62fdf440-1025"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKcojmCxg8chSUiYbQJM363v9fmDfvSOpzbvvd6eKxZUBxOQeCMcKMVRGE%2BtX0b0VoBdLEctaSieb27yy%2B5iKRsZ%2F%2FhsSjyY5ApkhI8WiKoHuQc%2FMSn6k5HOAKbJCKn%2FkR9u6hw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaa29a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazyload.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 2 KB
1015 B 28ms
19ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/lazyload.js?ver=1.0.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abeb7875c9a50f84249903d4a8353483ab83f0c9fe58038b58d7f2424642ddfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46333398
cf-polished: origSize=3158
cf-bgj: minify
last-modified: Mon, 17 Jan 2022 11:06:16 GMT
server: cloudflare
etag: W/"61e54da8-c56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYgZHNGFp1ii0wsOSDF3cJFH%2BNntF%2BP3u90M9KuwBsZqQ64uHl4xDAIPAelkeoQvBVjtt0nj0TEhwXZ3VNAvIKL%2BK9mvXvUIanb0LG6rS8vfgVgkCP5vBmq4TGfCQdZgqmTCiJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaa39a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookieAgree.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 1 KB
946 B 30ms
21ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/cookieAgree.js?ver=1.0.1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eadfd9c4747a5049f0c9c1083d399138572d2b1da1df471adb0a0432360f3d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46240968
cf-polished: origSize=2117
cf-bgj: minify
last-modified: Mon, 17 Jan 2022 11:06:16 GMT
server: cloudflare
etag: W/"61e54da8-845"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zRHiemoQutTrtnbRdcJdE2naHibJOb2CtJVYcW%2BsdAlgF87Q4eyBWoqBHayYxBcpjPHlfrHGCpryEhrIgzZmG6laGx%2FVyyGqwTnbaPhnb%2BClgFzFzrRiNpc1KzUOtaGM%2BvTllc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaa59a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 30 KB
9 KB 37ms
27ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/main.js?ver=1.0.9
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65f31149bb8dc57f8c6cbab63de50c8427541865e400ac3a6c2167f2e502ccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31175710
cf-polished: origSize=69936
cf-bgj: minify
last-modified: Mon, 18 Jul 2022 16:16:30 GMT
server: cloudflare
etag: W/"62d5875e-11130"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57KMwbA0m3NVDMutfY4UWuHifF57Rbm5k0ovptGcIYZGNyXyPQ3oHcx8r1Hxir8qLkiB9fNcm3jG27dNITmXNlavck1xGpwCybG881T3YEM1YmpbQHosdQcFX%2FBqpCBQQbcDLus%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaa79a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.maskedinput.js Show response
novy.tv/wp-content/themes/novy-2018/js/ 6 KB
3 KB 33ms
24ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/js/jquery.maskedinput.js?ver=1688639171
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70070dea8563cf48b07bd826618554ebb5cc1ea6332d024c4697e774c4ce44d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 354781
cf-polished: origSize=10317
cf-bgj: minify
last-modified: Thu, 06 Jul 2023 10:26:11 GMT
server: cloudflare
etag: W/"64a696c3-284d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lwi8Txrg92ndH7M%2FNh0pDCFHdnxRkcz9hd8CCP5D9bzsEKY4nDiKc2TDcPxREhSlzUomQPfmlHVcG2UYJ9v5WCVCmJ%2FuLrECzNIKeZzVeAVUroeBueEzMLW6juT4NZiUMhzbnbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaa99a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 common.js Show response
novy.tv/wp-content/themes/novy-2018/v3/js/ 5 KB
2 KB 36ms
27ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/js/common.js?ver=1.2.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66f579deec67acb2aaf8636f81238e82211cc78cf7f88d90b0001ca588a6ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28525794
cf-polished: origSize=7087
cf-bgj: minify
last-modified: Thu, 18 Aug 2022 08:11:44 GMT
server: cloudflare
etag: W/"62fdf440-1baf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DtyzvuEB8v6Hvz2qTHc3V9NHBhTNIHADdbBaogvH22ffRLcoDUiBdGMJl6nF7l%2BNN%2Bw0K0%2F0mI8lwyXFwR0KJdwW%2F%2BLCCCioaG937JA1HMMea0e9561bSJ6rr50P%2FKfxF9QRBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaaa9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chief-slider.js Show response
novy.tv/wp-content/themes/novy-2018/v3/libs/chief-slider/js/ 12 KB
3 KB 29ms
20ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/libs/chief-slider/js/chief-slider.js?ver=1.0.0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e12febd4dcd08be289fc7e8f615991923809f122e6e2cfed50ec7b1b1a141342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45018306
cf-polished: origSize=18135
cf-bgj: minify
last-modified: Tue, 08 Feb 2022 09:46:37 GMT
server: cloudflare
etag: W/"62023bfd-46d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK6LXxFq7gX6UATSRUnNszy6D9bg1nrjKDF%2Fs%2FttgiY%2FKfy9kFqSOIhG53HpFroTTFztE1oiv1HynySvi4vaFkgeU28bRjJl7sh%2BYWDENWugKcSBO3grp%2FG3RpvDrxe9iXltU%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafaac9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vi-abtest.js Show response
novy.tv/wp-content/plugins/vi-abtest/ 1 KB
878 B 37ms
28ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/vi-abtest/vi-abtest.js?ver=1.0.7
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b116862ec4708442f8370c88059030fccde5bb57cb9d7196d2616c8e19bacda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15292633
cf-polished: origSize=1466
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 12:05:53 GMT
server: cloudflare
etag: W/"63c7e0a1-5ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx0VLTXOS2lQEjh592gLOZbeaCY%2BpcRB6IP0mVprTURHAJ1cGunLdS5jziS8TX4rp%2Fxa8FQAz7NtABNR2YYlOtmuwwjAMsxJ8QI2upkX1RQIf7oLe1XnGMYSOUGR0Ykfmw7G0rI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69addafab79a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hb_266844_677.js Show response
player.adtcdn.com/prebidlink/469260/ 918 B
1 KB 67ms
23ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/469260/hb_266844_677.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23a47b558ec8546ae92b26295eed1365a54c5004521cde80b6eb4d29d6a0391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 08:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 453
etag: W/"64b107bc-396"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MH6iBsRhRHPkLsAMA%2B0eKaGjkMuik10mxGruyn9WOOHIZrS%2FgRpaE8AVlGrqTZFdQVnuBtxjJ2EE48dYobdmHYoDGF0qk25WofSHKw%2F85O1oNgxNmsbKhxtnOt8owqex8DuaBsNhaZA4Qqi8IR0Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7e69addb2be11e10-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jul 2023 12:20:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 143ms
94ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7912563987cf53dbaa44382a8ebfd5351f811f9015dd7dcb4e914c8274c7ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27664
x-xss-protection: 0
server: cafe
etag: 716 / 19552 / 31076035 / config-hash: 7996658803364552228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 12:13:20 GMT

GET
H2 200 wrapper_hb_266844_677.js Show response
player.adtcdn.com/prebidlink/469260/ 2 KB
1 KB 69ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/469260/wrapper_hb_266844_677.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b2de1a49c001373789ce86503a472c35b6032e351aa17e02c8ba2ac1049a65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 08:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 453
etag: W/"64b107bc-6fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMXHNL1SDOBAexk6MXGcjWGn9%2FzBe3l60%2BbqV1yju%2BdkwTijR%2F31tcUpO22w1%2BydVPBmXGU05rMtAthu6wG1uES9LlOdM5dUlbjTs%2FMu3i0Qf4Iz9ABtLVRBryCPOngj8nGh2tyTEQYxH4JRe78VNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 7e69addb2be41e10-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 14 Jul 2023 12:20:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
87 KB 84ms
40ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCXV3M

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f32beddade8548d21e686a2eda947a9f2b0f6d8b70fbb8da85b578d81666e949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 12:13:20 GMT

GET
H/1.1 200
OK cwELzv3aSV0X Show response
cdn.onthe.io/io.js/ 55 KB
18 KB 178ms
73ms Script
text/javascript 142.93.164.216
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/cwELzv3aSV0X
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 142.93.164.216 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e8f47fa9940a6b629911f7e1672f060069ebdfbb7118b2e9da882efff9d26a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 06:58:23 GMT
Server: nginx
ETag: W/"60ebe80f-dd2c"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Sat, 15 Jul 2023 12:13:20 GMT

GET
H2 200 sdk.js Show response
api-esp-eu.piano.io/public/sdk/v04/ 43 KB
14 KB 84ms
28ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 14008
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 11:15:32 GMT
server: cloudflare
etag: W/"1bbec-1887bd1e3c8"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7e69addb4d3f3659-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Sat, 13 Jul 2024 12:13:20 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
18 KB 532ms
32ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: a8e6e3bae7ae349523b4fdbfc22654ca1db55fa81e928650dd0d8be49fc5d04d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 15:58:04 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 18031
expires: Sat, 15 Jul 2023 00:13:20 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e59af19807bff44a3534dea77e76e3a367024ef7fb8399927a44337d96d9642c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4076cb010aa9cad85860e5fa888747609824b5da0e74c858ef278a02270d95c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3276b06ea1089d982269d3fa40953de6c073348f7e902825cc6bf46b57a5891a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b48d17c9b39ac37a995a6af1990916e9f61ad106662ee3a3313608ef53cbfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90d4e9c6b62d8719baca9398fda03dc56f1594ad9a2699ccbc6d1727db7b4895

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31cd494840979936605dbe77a2518a6f3b288c1e656059b964c5e88344520d14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68faa1cbc1f4aaf97c674b9acb0e3f5f80f39103d0aeac994547d2f8c0e727c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 separator_breadcrumbs.svg
novy.tv/wp-content/themes/novy-2018/v3/images/system-icons/ 204 B
443 B 38ms
19ms Image
image/svg+xml 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/images/system-icons/separator_breadcrumbs.svg
Requested by: Host: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/v3/css/style.css?ver=1.2.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d29d39690951c8d48da734f2319f2307e1d33a2b4aba8e98736f8fb3e625594

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novy.tv/wp-content/themes/novy-2018/v3/css/style.css?ver=1.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Aug 2022 08:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 28525794
etag: W/"62fdf440-cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mv4ZQPHkD%2BwUs7RiykeXbrcUHT3sIhYtM69uLeRU1umNVrlNZOtb3wgJ5v8H6m4deEq7l6ocnVCOu%2BJMLCcMxQ%2BHsoAOnNJ9YEAq2tWQudN%2B0NZDVYPl2w4wkZWRsB1fXqsGU34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7e69addb2afd9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET Inerta-Medium.woff
novy.tv/wp-content/themes/novy-2018/fonts/ 0
0

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9caee07982b6c9a8ee3b0d35849d95f7d18d537cbf48294bc77653ee704f897f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 488 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5333adc469c59c21aca34d01849c3fd727a03b906b42feefbf85d35964d67594

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET Inerta-ExtraBold.woff
novy.tv/wp-content/themes/novy-2018/fonts/ 0
0

GET
H/1.1 200
OK config.json Show response
static-cdn.adtelligent.com/outstream/10675/ 1 KB
914 B 421ms
86ms XHR
application/json 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.adtelligent.com/outstream/10675/config.json?hn=aidheps24.space
Requested by: Host: player.vertamedia.com
URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: f1dff87786d29246c729f71d6174c0285ccec4f96ca16621bc894bdbe5d8f46a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Aug 2018 16:08:42 GMT
Server: nginx
ETag: W/"5b75a18a-42d"
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK /
bootstrap.adtelligent.com/outstream/ 43 B
229 B 406ms
87ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bootstrap.adtelligent.com/outstream/?page_url=https%3A%2F%2Faidheps24.space%2F&time_to_event=1689336800605&event=outstream_bootstrap_application_loaded
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:20 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK allstream-stats
aux-log.adtelligent.com/ 43 B
283 B 419ms
86ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/allstream-stats?e=216&st=2&tte=0&site_full_url=https%3A%2F%2Faidheps24.space%2F&fif=0&foc=1&bv=2.01&format=4
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
283 B 421ms
87ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Faidheps24.space%2F&sid=10675&tte=0&event=outstream_cfg_load_settings_attempt
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6d344931dd0e8b20b80baef0ed288dfa51c62681d21cf691fde47c094057228

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hbp_master_266844_677.js Show response
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 397 KB
126 KB 300ms
20ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_266844_677.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/469260/hb_266844_677.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c52a2d79fe45ee4b5b24936e37332d78bcce2ae7975facab0e85ce0e0cc91a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 16 Jul 2023 12:13:20 GMT
date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 11:46:57 GMT
server: nginx
etag: W/"64abefb1-63308"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 novy.tv.1392473.es6.js Show response
jsc.idealmedia.io/n/o/ 311 KB
97 KB 21ms
20ms Script
text/javascript 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/n/o/novy.tv.1392473.es6.js
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/n/o/novy.tv.1392473.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568d1ca43be6a7c3a52ef6ab86b175b49b6637baebd6c05541f0acab6ae5ea8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: gzip
x-amz-version-id: m_llmbFA4UzdofzjvuaCPTSAhvfPqvTQ
cf-cache-status: HIT
x-amz-request-id: SV3E13N8GEYBPTYS
age: 37
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 99453
x-amz-id-2: QQFlFueeYM9gv4EOibIUT7gbm+JIzhRD65dSpfBCSUYK2ZHVjGmEf0bXOPhnFyvjIbsXFX4a+jTJqj6yvBg5Vb2cV8kKxRCXar0NtKNILO4=
last-modified: Fri, 14 Jul 2023 11:40:35 GMT
server: cloudflare
etag: "717447dd6ce390e12cad151699f9b824"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 7e69addc3cfd1bdb-FRA
expires: Fri, 14 Jul 2023 15:13:20 GMT

GET
H2 200 video_icon_white.svg
novy.tv/wp-content/themes/novy-2018/v3/images/system-icons/ 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/themes/novy-2018/v3/images/system-icons/video_icon_white.svg
Requested by: Host: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/v3/css/style.css?ver=1.2.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47f524ee3e804499f68269e403d3b272b7f16d1a87f39bfea7c54d42806876b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novy.tv/wp-content/themes/novy-2018/v3/css/style.css?ver=1.2.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Apr 2023 08:25:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7295139
etag: W/"643fa563-6fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQX6REMcClEZ%2Fu7bw1AQ5gc%2BP%2F8vN2nEXbd7LYu3Sgs8DDor3O2gKOWmSsDdISTZ%2Ba8PZQ9o1kXCx3Yl9kHU4LxG12gbVN4Vugz37bXpV%2FAenlYq7ziX%2F5r8KIaPTVsr8NAP5UU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 7e69addc4c5b9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 266b774ea14d2b5b21615e8915bfabe5be4dc578615fa2976c769a682ef23b56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f666b264722f0df80a6af095ac71f50a741fe27ef3b2dde247f232542e7e7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 autoUpdate.adriver.js Show response
content.adriver.ru/plugins/ 5 KB
5 KB 311ms
46ms Script
application/x-javascript 217.16.18.206
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/js/adriver.core.2.js?ver=6.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.16.18.206 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
last-modified: Mon, 26 Jun 2023 07:13:25 GMT
server: nginx
etag: "64993a95-1455"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5205
expires: Fri, 14 Jul 2023 13:13:20 GMT

GET
H2 200 hbw_master_266844_677.js Show response
player.adtelligent.com/prebidlink/KRZJ2/ 128 KB
38 KB 365ms
121ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_266844_677.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/469260/wrapper_hb_266844_677.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 51d4e7e18526922d26c561051774bab201085dab90e6b71960b3f11e491590ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 16 Jul 2023 12:13:20 GMT
date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: gzip
last-modified: Fri, 14 Jul 2023 08:30:52 GMT
server: nginx
etag: W/"64b107bc-1ff45"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 262ms
19ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCXV3M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jul 2023 11:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4123
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 14 Jul 2023 13:04:37 GMT

GET
H2 200 hotjar-2348859.js Show response
static.hotjar.com/c/ 9 KB
4 KB 263ms
22ms Script
application/javascript 13.225.34.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2348859.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCXV3M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.34.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-34-68.cdg3.r.cloudfront.net

Software

Resource Hash

220a7911dd6de21926674a7aa2ac599513d6a22530676a1d46653feb6c637777

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 14 Jul 2023 12:13:09 GMT
via: 1.1 b3f4b9d58649ca2204c0fb8174557c62.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 11
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d43b58ae197e4cdc82cbd19a3aed3f65
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: d8zN-frjWfVhbxYM3C7cGnaB3qMhAYiWaMQc4ThjYmv_c4oM7jNWXw==

GET
H2 200 sprites.png
novy.tv/wp-content/themes/novy-2018/images/ 64 KB
65 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/themes/novy-2018/images/sprites.png
Requested by: Host: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/main-style.css?ver=2.12.18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e5e64cb1d7edb133f7b3dd779be3a51660618d0c8758a5777abda755f5f53da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://novy.tv/wp-content/themes/novy-2018/main-style.css?ver=2.12.18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158178
cf-polished: origFmt=png, origSize=103570
content-disposition: inline; filename="sprites.webp"
content-length: 65952
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Jul 2023 10:26:10 GMT
server: cloudflare
etag: "64a696c2-19492"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVr7vNwFNqoR%2B36sXLTYYHEjXwhOK6olvt9S4gE2oMaJRsGAehs2CejZ7FXF%2Fh0qVlD8tHAAaMlDaw8qVctOjkXhtn8XEzeJNHwVr8ep8dhQP3VPeZJ4TmYVqBCfDjFEvFCVa6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addc8cb29a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK segments.js Show response
d.adtelligent.com/ 16 B
310 B 216ms
26ms Script
application/javascript 2a0c:5c81:5120::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adtelligent.com/segments.js?id=82
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCXV3M
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5120::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:20 GMT
Server: Adtelligent
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=7200
Content-Length: 16

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E7X8YLE29N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCXV3M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12644cf829a29c7cc2bcf64628334052367bb6d8593994e4f8c79db146a429b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 12:13:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6NKLEHBT8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCXV3M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c4a1e299dff66a5e715ee27974b1c4cc160fe3d7f9a7f32175af325b70be51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 12:13:20 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-34&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-34&value=&_bee_ppp=1

43 B
796 B

31ms
31ms

Image
image/gif

54.154.249.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-34&value=&_bee_ppp=1

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

HTTP/1.1

Server

54.154.249.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-249-114.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-34&value=&_bee_ppp=1
Date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ 391 KB
125 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:38:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12918
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 10618836103773446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:38:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 37 B
65 B 66ms
47ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=aidheps24.space

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a27a1f7450bb503666d615f618632215bc48e2cd8d8e41f48b7ce7c049890de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41
x-xss-protection: 0
expires: Fri, 14 Jul 2023 12:13:20 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 53 KB
20 KB 444ms
40ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 101349871e92c6f5618fe959579fa68fba8d14659d273d0b61353664c101abc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 14:13:08 GMT
server: nginx/1.13.0
etag: W/"63c166f4-d3e1"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Sat, 14 Jan 2023 14:13:08 GMT

GET
H2 200 pic.gif
juke.mmi.bemobile.ua/bug/ 56 B
138 B 302ms
39ms Image
image/gif 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://juke.mmi.bemobile.ua/bug/pic.gif?siteid=new.novy.tv&j=1&nocache=0.9702970496253385
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: -1

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
559 B 398ms
47ms Script
text/html 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=14&holding=d51792b4d5f7e5523e2fa6df873e8051&hash_user=59e95c131.445cf1cba_1689336800774&1689336800774
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cwELzv3aSV0X
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 12:13:21 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ab3d76f80bae37c0400d898562251eb6.jsonp Show response
files.bidmatic.io/microplayer/configs/ 2 KB
2 KB 68ms
8ms Script
application/octet-stream 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://files.bidmatic.io/microplayer/configs/ab3d76f80bae37c0400d898562251eb6.jsonp
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/integrator.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: 98b3b368e44e38610d084b446e8a43dc3798cbbf1aac0309ccffb8714657a371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Fri, 14 Jul 2023 13:13:21 GMT
date: Fri, 14 Jul 2023 12:13:21 GMT
last-modified: Tue, 16 May 2023 07:55:13 GMT
server: openresty
etag: "646336e1-677"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
content-disposition: inline; filename="ab3d76f80bae37c0400d898562251eb6.jsonp"
accept-ranges: bytes
content-length: 1655
x-proxy-cache: HIT

GET New_Channel_Font-Medium.woff2
novy.tv/wp-content/themes/novy-2018/fonts/ 0
0

GET
H2 200 istock-1212738741.jpg
novy.tv/wp-content/uploads/sites/96/2023/06/ 48 KB
48 KB 18ms
18ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/uploads/sites/96/2023/06/istock-1212738741.jpg
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9768a8cc948c2859128f4846caf379f6e316a6e55c015026e75cf9b4124a6465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63264
cf-polished: qual=85, origFmt=jpeg, origSize=263584
content-disposition: inline; filename="istock-1212738741.webp"
content-length: 48984
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 13:03:27 GMT
server: cloudflare
etag: "6483231f-405a0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqNpIE2jlidfCpXneykTSV1Hpn%2Be86t28o3zzzBsIRWvVwsk%2Fdnntw%2FqAoSgyP2U8S0F85QMwc9DxbGpArWpsetqdXHnz19TIaRZFau23m5pmTNWvsiWDvsMI%2Fl48rrtTwCcTUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addd2d5f9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1456x174_donate_spring.png
novy.tv/wp-content/uploads/sites/96/2023/03/ 166 KB
167 KB 22ms
21ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/uploads/sites/96/2023/03/1456x174_donate_spring.png
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f2ec54aa38a98d041f5d6b10f14de0edd5512b57b88c2adfc97fcf4d469f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1871305
cf-polished: origFmt=png, origSize=225952
content-disposition: inline; filename="1456x174_donate_spring.webp"
content-length: 170462
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Mar 2023 12:18:24 GMT
server: cloudflare
etag: "64009410-372a0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwqqvWbX1oy8ryMNbFAXFgGlj3O9CPEa8OCVi2nRIHlkscwSGgcAvuXJGTjclHdI5U8eaM305gNxuekSkjxkxKzx9O6kqlum6bxFC6%2BDfR14C2agmXMqSpcwty%2Btd0p%2FcKzunAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addd2d609a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 342 Show response
api-esp-eu.piano.io/publisher/fusion/lucid/data/ 2 KB
1014 B 39ms
38ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/342?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: novy.tv
URL: https://novy.tv/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d21f67c3a5cde43c7d762efbc593e52ad1faa5b1d2cc8059a9ade3097bb1338

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"794-0kUYuu+S9M1Q4rZErh0ZnbVgJ64"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://aidheps24.space
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7e69adde193c3659-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 istock-1354432636-1-e1657884384730-300x225.jpg
novy.tv/wp-content/uploads/sites/96/2022/07/ 11 KB
11 KB 22ms
20ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/uploads/sites/96/2022/07/istock-1354432636-1-e1657884384730-300x225.jpg
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15419e486203a04e4aa782d87a8787fe0f797d892c704dd9ac82cb5d2b1883eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12315
cf-polished: qual=85, origFmt=jpeg, origSize=36934
content-disposition: inline; filename="istock-1354432636-1-e1657884384730-300x225.webp"
content-length: 11136
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jul 2023 08:25:20 GMT
server: cloudflare
etag: "64b10670-9046"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8VE9M8VKMtEBXyb6mei1R%2FK5uI1XXDJoj%2BY0K%2F%2FSspMB2WyUgn4DchgyomwZOb3jBDBhPMKEqGOye0qyV7BfqYul0503uiZQKYESBcxpu0b46wAb%2BESt%2BugdaMGLjeuDOOT0uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addd3d6f9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 istock-942177312-e1657883371787-300x225.jpg
novy.tv/wp-content/uploads/sites/96/2022/07/ 10 KB
10 KB 21ms
19ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/uploads/sites/96/2022/07/istock-942177312-e1657883371787-300x225.jpg
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9aa3ff6337b49f2547a758e2a91a664df8688b0773024863b04d5f23b9d194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12831
cf-polished: qual=85, origFmt=jpeg, origSize=33580
content-disposition: inline; filename="istock-942177312-e1657883371787-300x225.webp"
content-length: 9968
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jul 2023 08:22:22 GMT
server: cloudflare
etag: "64b105be-832c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdDProPGDeraPRgRXCW7azeN0JPHXhYVqydccg8l0NEi%2B5Gvr4PPnBpfySbS3gKUz9Nnorx3C6Vj7n45lOcII8VUgBOdXLQPPGZucwUS7EtzrUXI5F3DuE%2B9pfLb1T%2BrxzYcM0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addd3d719a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 istock-970756548-300x225.jpg
novy.tv/wp-content/uploads/sites/96/2021/06/ 13 KB
13 KB 22ms
21ms Image
image/webp 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novy.tv/wp-content/uploads/sites/96/2021/06/istock-970756548-300x225.jpg
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd5f558a0b6a4fff9b9093d9fd6492cd4cbbdad24e07455be690bf18cc0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57158
cf-polished: qual=85, origFmt=jpeg, origSize=27529
content-disposition: inline; filename="istock-970756548-300x225.webp"
content-length: 12882
cf-bgj: imgq:85,h2pri
last-modified: Thu, 18 Aug 2022 13:03:30 GMT
server: cloudflare
etag: "62fe38a2-6b89"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIcUo9zS2tj%2BYd5J9fNc872PxBgzDtjqJWItsFeOeBjsDtn6xYF2lZRNTc9eiofBGCuP0Pj9RegFfDjYLncyzSgQdrmUD0d502%2BpKJQ%2FVoE7m8TKim6azkt2dk0xTriXML9k%2Fs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7e69addd3d729a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET New_Channel_Font-Medium.woff
novy.tv/wp-content/themes/novy-2018/fonts/ 0
0

GET New_Channel_Font-Medium.ttf
novy.tv/wp-content/themes/novy-2018/fonts/ 0
0

OPTIONS
H3 200 342
api-esp-eu.piano.io/publisher/fusion/lucid/data/ Frame 0
0 142ms
23ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/342?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://aidheps24.space
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://aidheps24.space
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e69addde97dbb61-FRA
date: Fri, 14 Jul 2023 12:13:20 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
BLOB 200
OK ecec376d-bb5f-41cd-945f-a19c44fffead
https://aidheps24.space/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aidheps24.space/ecec376d-bb5f-41cd-945f-a19c44fffead
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK ec301d2c-7909-4ac6-9b05-edfab648cd80
https://aidheps24.space/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aidheps24.space/ec301d2c-7909-4ac6-9b05-edfab648cd80
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 80ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H6NKLEHBT8&gtm=45je37c0&_p=1316124108&_gaz=1&cid=1938475494.1689336801&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689336801&sct=1&seg=0&dl=https%3A%2F%2Faidheps24.space%2F&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6NKLEHBT8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 64ms
22ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-H6NKLEHBT8&cid=1938475494.1689336801&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6NKLEHBT8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 115ms
60ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H6NKLEHBT8&cid=1938475494.1689336801&gtm=45je37c0&aip=1&z=1044858887

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ 864 B
844 B 153ms
22ms XHR
text/xml 2a0c:5c81:5119::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?aid=369931&sid=10675&player_width=300&player_height=250&format=outstream&site_id=Novy_Outstream&content_page_url=https%3A%2F%2Faidheps24.space%2F&cb=1689336801113
Requested by: Host: player.vertamedia.com
URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5119::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 77d1e01de3e1434eeb84cb1baeda3eb8b6bd85b35189ad15e461c43b88699a6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:20 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 542

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
283 B 93ms
92ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Faidheps24.space%2F&sid=10675&tte=476&info=%7B%22status%22%3A200%2C%22msg%22%3A%22success%22%7D&event=outstream_cfg_load_settings_success
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
bootstrap.adtelligent.com/outstream/ 43 B
229 B 93ms
93ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bootstrap.adtelligent.com/outstream/?page_url=https%3A%2F%2Faidheps24.space%2F&sid=10675&time_to_event=1689336801112&event=outstream_bootstrap_application_instance_created
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
283 B 387ms
387ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Faidheps24.space%2F&sid=10675&tte=0&event=outstream_cfg_load_vast_config_attempt
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:21 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 modules.5957fbf26d1b525b5a12.js Show response
script.hotjar.com/ 274 KB
67 KB 78ms
22ms Script
application/javascript 18.164.52.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5957fbf26d1b525b5a12.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2348859.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-95.cdg50.r.cloudfront.net

Software

Resource Hash

e1a95fe6d4be6f16467a0a7a04c51110a66f610b7d59cf9b716fa34f1543c42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 11:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 009b28dd2e1a33c65de17468676b9c46.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 3554
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68492
last-modified: Fri, 14 Jul 2023 11:14:02 GMT
etag: "d66c5115c5512ad428cd30462d44ee4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: YDMxxDMGj2905wCP6jVxdoLXQQ4yhTQV5hUO2iChM59c6qo3J80GpQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E7X8YLE29N&gtm=45je37c0&_p=1316124108&_gaz=1&cid=1938475494.1689336801&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689336801&sct=1&seg=0&dl=https%3A%2F%2Faidheps24.space%2F&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E7X8YLE29N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 33ms
32ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E7X8YLE29N&cid=1938475494.1689336801&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E7X8YLE29N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
35ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E7X8YLE29N&cid=1938475494.1689336801&gtm=45je37c0&aip=1&z=1684415065

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 16ms
15ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1316124108&t=pageview&_s=1&dl=https%3A%2F%2Faidheps24.space%2F&ul=en-us&de=UTF-8&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=690014741&gjid=941174953&cid=1938475494.1689336801&tid=UA-27719526-1&_gid=2037483514.1689336801&_slc=1&gtm=45He37c0n71PCXV3M&z=1665792246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27719526-1&cid=1938475494.1689336801&jid=690014741&gjid=941174953&_gid=2037483514.1689336801&_u=YCDAgAABAAAAAG~&z=1004076885

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 16ms
15ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1316124108&t=pageview&_s=1&dl=https%3A%2F%2Faidheps24.space%2F&ul=en-us&de=UTF-8&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAG~&jid=1074463960&gjid=2019175081&cid=1938475494.1689336801&tid=UA-27719526-4&_gid=2037483514.1689336801&_slc=1&gtm=45He37c0n71PCXV3M&z=228480100

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1b05b4f7169f900d629a82f50f1873fe2d5791ecac5c428f9f2a21b20895ae62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27719526-4&cid=1938475494.1689336801&jid=1074463960&gjid=2019175081&_gid=2037483514.1689336801&_u=YCDAgAABAAAAAG~&z=1707814586

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 25ms
7ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1316124108&t=event&ni=1&_s=1&dl=https%3A%2F%2Faidheps24.space%2F&ul=en-us&de=UTF-8&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adBlocker&ea=inactive&_u=YCDAAAABAAAAAG~&jid=1647544846&gjid=283048676&cid=1938475494.1689336801&tid=UA-27719526-1&_gid=2037483514.1689336801&_r=1&gtm=45He37c0n71PCXV3M&cd4=inactive&z=633819084

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 17ms
16ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1316124108&t=event&ni=1&_s=1&dl=https%3A%2F%2Faidheps24.space%2F&ul=en-us&de=UTF-8&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=premium%20banner&ea=undefined&_u=YCDAAEABAAAAAGAAI~&jid=1884518174&gjid=2059295473&cid=1938475494.1689336801&tid=UA-27719526-4&_gid=2037483514.1689336801&_r=1&gtm=45He37c0n71PCXV3M&z=1068060724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 186 Show response
api-esp-eu.piano.io/tracker/lucid/visit/ 65 B
562 B 669ms
668ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/186?story_url=https%3A%2F%2Faidheps24.space%2F&visitor=5oqnu3w3w1akc0am

Requested by

Host: novy.tv
URL: https://novy.tv/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9cf5f45f23995e94e64211189d13a2ef0df270327732382ffffc2db19135b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"41-g5cX0eooR1WQJNro996IaCW95fI"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://aidheps24.space
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7e69addfefb32bc6-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 186
api-esp-eu.piano.io/tracker/lucid/visit/ Frame 0
0 21ms
21ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/186?story_url=https%3A%2F%2Faidheps24.space%2F&visitor=5oqnu3w3w1akc0am

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aidheps24.space
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://aidheps24.space
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e69addfcbe6bb61-FRA
date: Fri, 14 Jul 2023 12:13:21 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 284 B
422 B 33ms
31ms Script
application/x-javascript 51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=aidheps24.space
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 6d81ed152c0fa56b33ba9397574454a01f475ff8b08c6b3bc93cae01870bd6b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 284
expires: Sun, 13 Aug 2023 12:13:21 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3660 5 KB
3 KB 117ms
32ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 18d6a97ae9a38a5a12d21652b74fe31d0dba0409d489b371e49f7f8cb5bb34c5

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2716
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:21 GMT
etag: PRIVATE7520710249
expires: Sun, 13 Aug 2023 12:13:21 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 jsvpaid.js Show response
static.adtelligent.com/static/ Frame 128C 179 KB
48 KB 57ms
14ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adtelligent.com/static/jsvpaid.js?cb=07061922
Requested by: Host: player.vertamedia.com
URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 20ac9dfb9f94ee5d524a89e8858e1caecf0c0634af6af80e11a42d242cebdaee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 16 Jul 2023 12:13:21 GMT
date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 16:22:13 GMT
server: nginx
etag: "6480aeb5-bd0a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 48394
x-proxy-cache: HIT

GET
H/1.1 200
OK adm
aux-log.adtelligent.com/log/ 43 B
283 B 89ms
89ms Image
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aux-log.adtelligent.com/log/adm?page_url=https%3A%2F%2Faidheps24.space%2F&sid=10675&tte=201&info=%7B%22status%22%3A200%2C%22msg%22%3A%22success%22%7D&event=outstream_cfg_load_vast_config_success
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 integration.css
player.bidmatic.io/microplayer/v2/ 35 KB
6 KB 13ms
13ms Stylesheet
text/css 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/microplayer/v2/integration.css
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/integrator.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 54539f14d8c5349dee64456777e6d1cfe54b0a2b9d8561bd3e8a67c194b135f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: gzip
last-modified: Fri, 07 Jul 2023 14:23:26 GMT
server: nginx
etag: W/"64a81fde-8c97"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 16 Jul 2023 12:13:21 GMT

GET
H2 200 plyr.polyfilled.min.js Show response
player.bidmatic.io/microplayer/v2/ 116 KB
34 KB 15ms
14ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?469261
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/integrator.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5de338dcbd298c9bd97858f7a632dbb581bc0f0893e2a0642cdc2e1aed852590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 12:27:44 GMT
server: nginx
etag: W/"629f4440-1d13c"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sun, 16 Jul 2023 12:13:21 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 64ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-1&cid=1938475494.1689336801&jid=690014741&_u=YCDAgAABAAAAAG~&z=990083185

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
35ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-1&cid=1938475494.1689336801&jid=690014741&_u=YCDAgAABAAAAAG~&z=990083185

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S98PZYR0WM&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8bb551df9615f4072370a446814f647068734980e2cfb4a9015369a8d73ceb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79676
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 12:13:21 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 60ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-4&cid=1938475494.1689336801&jid=1074463960&_u=YCDAgAABAAAAAG~&z=13835067

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-4&cid=1938475494.1689336801&jid=1074463960&_u=YCDAgAABAAAAAG~&z=13835067

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27719526-1&cid=1938475494.1689336801&jid=1647544846&gjid=283048676&_gid=2037483514.1689336801&_u=YCDAAAABAAAAAG~&z=1513932625

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-27719526-4&cid=1938475494.1689336801&jid=1884518174&gjid=2059295473&_gid=2037483514.1689336801&_u=YCDAAEABAAAAAGAAI~&z=1907178102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279944/ 2 KB
1 KB 59ms
38ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279944/config.json?cb=https%3A%2F%2Faidheps24.space%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_266844_677.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e814f25790e51e065d2ddda273639aee2926641f7c4a5ea738e83a240c77e281

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sun, 16 Jul 2023 12:13:21 GMT
date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 12:02:25 GMT
server: nginx
etag: W/"64ae9651-8f5"
content-type: application/json
access-control-allow-origin: https://aidheps24.space
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 71ms
9ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_266844_677.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 11:38:02 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 2120
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: sXVGK6QYMZzQq3VbNR6iYfwJc-rfCG7LAbFdEGODQluQQAyhPSmnMA==

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 132 B
403 B 420ms
22ms XHR
application/json 185.83.69.58
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_266844_677.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 0e3d7902609430e2b5f87914e061e99debec0ee68f09d9618b3426aea7c6dadb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:20 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 132

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
432 B 419ms
21ms XHR
image/gif 185.83.69.58
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=266844&site_id=677&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Faidheps24.space%2F&adid=2jiib9.bm&features=81952&vpbv=A160&lifecycle_tte=2054
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_266844_677.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:20 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 204 2348859 Show response
vc.hotjar.io/sessions/ 0
257 B 82ms
33ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2348859?s=0.25&r=0.24258764332857963
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5957fbf26d1b525b5a12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: TeDO383uaMQEgTj6V7yO0vnm-2pU5WBWJstJtN3D4gD07OE7sYI1xA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
32ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-1&cid=1938475494.1689336801&jid=1647544846&_u=YCDAAAABAAAAAG~&z=637272286

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 35ms
34ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-1&cid=1938475494.1689336801&jid=1647544846&_u=YCDAAAABAAAAAG~&z=637272286

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-4&cid=1938475494.1689336801&jid=1884518174&_u=YCDAAEABAAAAAGAAI~&z=169321986

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-27719526-4&cid=1938475494.1689336801&jid=1884518174&_u=YCDAAEABAAAAAGAAI~&z=169321986

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.7.2/ 6 KB
2 KB 488ms
434ms XHR
image/svg+xml 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.2/plyr.svg
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?469261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk5G4JVe0Qt2%2BvDPxBQM%2B998rKtEhgGTBxkroridWmpb1bHVnKkNAwo5Em722FoNChzWCmsDFLTyqr%2B423gyRi5P%2BffyQ4hWwuHq1yQaRqxnVOGzRNyyfSHK8LZqmWwlTKYUSz3KlnnZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7e69ade1d8ec1b0b-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jsvpaid.js Show response
static.adtelligent.com/static/ Frame F891 179 KB
48 KB 51ms
51ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adtelligent.com/static/jsvpaid.js
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?469261
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 20ac9dfb9f94ee5d524a89e8858e1caecf0c0634af6af80e11a42d242cebdaee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 16 Jul 2023 12:13:21 GMT
date: Fri, 14 Jul 2023 12:13:21 GMT
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 16:22:13 GMT
server: nginx
etag: "6480aeb5-bd0a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 48394
x-proxy-cache: HIT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.7.2/ 6 KB
2 KB 592ms
570ms XHR
image/svg+xml 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.7.2/plyr.svg
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?469261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5Uov%2BobNB3ifezPY5fKyikON%2FEnzdE7S2o0cl6V3llEhznDvDHl5%2FQkGbMIC21%2BgEcssIcA0aCsNTsRdWfXGr%2FP%2FJtmU35GvueZ%2BEfegbq9ze3r5MDbVkM38Wb6B617Q4khXaIc8Uud"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7e69ade1d8f01b0b-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK slmp
pixel.adtelligent.com/ Frame 128C 43 B
229 B 313ms
90ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adtelligent.com/slmp?Event=3&Type=0&Version=0.0.0&Aid=0
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK slmp
pixel.adtelligent.com/ Frame 128C 43 B
229 B 309ms
89ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adtelligent.com/slmp?Event=4&Type=0&Version=0.0.0&Aid=369931
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 206 blank.mp4
cdn.plyr.io/static/ 2 KB
2 KB 55ms
22ms Media
video/mp4 2606:4700:21::681b:c358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/static/blank.mp4
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98

Request headers

Referer: https://aidheps24.space/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7349929
etag: "08fc2557b6c938f1a251e59b016e90e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHywQWHhKXQS00bp6Srd8rDCMTyiIYHjJN1Q09HLXbsD%2B61MrPErdiSxccSrAasn1JdjfJpHz7FxpLayKxcTFb%2FwzuWn1%2F577gs1F8lr5j1hqaF82Tl492CokBOFDbLjuh4bHo1CWfml"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-1776/1777
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7e69ade21e270e39-AMS
alt-svc: h3=":443"; ma=86400
Content-Length: 1777

GET
H2 206 f7fb43603a78398c6cc234e504fd6fd0.mp4
files.unocdn.com/video-service/ 2 MB
0 43ms
9ms Media
video/mp4 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://files.unocdn.com/video-service/f7fb43603a78398c6cc234e504fd6fd0.mp4
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: https://aidheps24.space/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 14 Jul 2023 13:13:21 GMT
date: Fri, 14 Jul 2023 12:13:21 GMT
last-modified: Tue, 27 Jun 2023 14:40:49 GMT
server: openresty
etag: "649af4f1-3b974c"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-3905355/3905356
cache-control: max-age=3600
content-disposition: inline; filename="f7fb43603a78398c6cc234e504fd6fd0.mp4"
Content-Length: 3905356
x-proxy-cache: HIT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1689336801584/
Redirect Chain

https://gaua.hit.gemius.pl/_1689336801584/rexdot.js?l=100&sendf=24&id=d1.rEoejCKpTUXcV_Qtrd2YkXfXZSUcASgjXuacs.iT.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Faidheps...
https://gaua.hit.gemius.pl/__/_1689336801584/rexdot.js?l=100&sendf=24&id=d1.rEoejCKpTUXcV_Qtrd2YkXfXZSUcASgjXuacs.iT.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Faidh...

169 B
423 B

52ms
48ms

Script
application/x-javascript

51.83.200.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1689336801584/rexdot.js?l=100&sendf=24&id=d1.rEoejCKpTUXcV_Qtrd2YkXfXZSUcASgjXuacs.iT.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Faidheps24.space%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=SRB3TiL6tqaOgrBq0hyZOyllUgaulCrF408zyqjdQTv.Q7UuTmie0bn8pY__5XBoueQ6F0Obr_vBUqllvJQJS6VJS_Gh/BgIlI5kcAHYh5/&fpdata=SGZ3rPTi3xev5SPqa_cMoiJleEydH7_DXyeElxbLOL7.p7&ltime=303&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=64b13be110ade380&brts=1689336801&fpcap=
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Server: 51.83.200.186 , France, ASN16276 (OVH, FR),
Reverse DNS: ip186.ip-51-83-200.eu
Software: GHC /
Resource Hash: 228992710b4ed37f1788745248f2366e4f2cd3a52a7be94367bf028a0c927510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Thu, 13 Jul 2023 12:13:21 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1689336801584/rexdot.js?l=100&sendf=24&id=d1.rEoejCKpTUXcV_Qtrd2YkXfXZSUcASgjXuacs.iT.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Faidheps24.space%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=SRB3TiL6tqaOgrBq0hyZOyllUgaulCrF408zyqjdQTv.Q7UuTmie0bn8pY__5XBoueQ6F0Obr_vBUqllvJQJS6VJS_Gh/BgIlI5kcAHYh5/&fpdata=SGZ3rPTi3xev5SPqa_cMoiJleEydH7_DXyeElxbLOL7.p7&ltime=303&fr=1&ref=&inner=_ver%3D342%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=64b13be110ade380&brts=1689336801&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 13 Jul 2023 12:13:21 GMT

GET
H/1.1 200
OK / Show response
ads6.adtelligent.com/2v/ 157 B
559 B 114ms
43ms XHR
application/json 2a0c:5c81:5119::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads6.adtelligent.com/2v/?vmAdID=0671B614CE72B4E5&aid=369931&width=300&height=250&site_full_url=https%3A%2F%2Faidheps24.space%2F&top_domain=https%3A%2F%2Faidheps24.space&v=2.7.204&t=js&format=outstream&cb=1689336801113&sid=10675&site_id=Novy_Outstream&vpaid_type=2&is_secure_frame=false
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=07061922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5119::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6120f09158ac17764458a5250e6d0603f8a7abf27d61fc68409edd32ea7f1fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 157

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S98PZYR0WM&gtm=45je37c0&_p=1316124108&_gaz=1&ul=en-us&sr=1600x1200&cid=1938475494.1689336801&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&_s=1&dl=https%3A%2F%2Faidheps24.space%2F&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&sid=1689336801&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S98PZYR0WM&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 22ms
22ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S98PZYR0WM&cid=1938475494.1689336801&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S98PZYR0WM&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 39ms
36ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S98PZYR0WM&cid=1938475494.1689336801&gtm=45je37c0&aip=1&z=1233523351

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
303 B 110ms
108ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Faidheps24.space&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://aidheps24.space
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: VZQxKmNDxVcuj7vXZ3ldOLLNPW3shWKKaDRjVr1d0wFn70fz1wRPxQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 230ms
123ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=0&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1540476860805-0%22%2C%22s%22%3A%5B%22240x600%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Stiky_Left%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: B27NDR9BZQQVF3SERSH9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: beT9yg8-l7I3K8rqtwC18NmPltiSZcEaBjl4yrz4e0p5xtOe_vrnIw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 224ms
120ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=1&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1540476792969-0%22%2C%22s%22%3A%5B%22240x600%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Stiky_Right%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 668R17YJTXDYZ82BEMCG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Ll8hBfiox67PEU3pWZ3uh12ffE1VfyW0kGW4h9AGV1Ubyx9oYGehWA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 218ms
118ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=2&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1634627788073-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Footer%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: DM0C1946YG4PPKY7MNY4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nHf1QOo2Wfzf2k9OblyTr35uRXwI_tJY6DtPfdFGdPJiC9gcNpq1CQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 91ms
31ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 11:09:24 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3838
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 7cd-x8rfHvLnz9kksiCj1zuQPCpxTQ4BFELBkJTo9jwMS70Ah32Otw==

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 179ms
42ms Script
application/javascript 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
last-modified: Mon, 02 Jul 2018 17:26:54 GMT
server: nginx/1.13.0
accept-ranges: bytes
etag: "5b3a605e-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK sync.js Show response
s.adtelligent.com/ Frame 128C 1 KB
804 B 43ms
42ms Script
text/javascript 2a0c:5c81:5119::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.js?aid=369931
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js?cb=07061922
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5119::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6a6ce105f68e8e8d0673105cf12766e0990691fe6f30a04b0398de5b30286ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 532

GET
H/1.1 200
OK slmp
pixel.adtelligent.com/ Frame F891 43 B
229 B 243ms
87ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adtelligent.com/slmp?Event=3&Type=0&Version=0.0.0&Aid=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
s.adtelligent.com/ 824 B
818 B 62ms
33ms XHR
text/xml 2a0c:5c81:5119::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/?sv_content_id=455285&aid=806471&sid=%D0%A1&width=400&height=250&site_full_url=https%3A%2F%2Faidheps24.space%2F&cb=742141723564&v=1.5.6&minbitrate=240000&maxbitrate=720000
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?469261
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5119::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 65b1d277ad418bd3c1b6b4cea779e1ec47b67743fc3b0e67a9ca3d23c08854cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 516

GET
H/1.1 200
OK slmp
pixel.adtelligent.com/ Frame F891 43 B
229 B 228ms
87ms Image
image/gif 23.227.138.196
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adtelligent.com/slmp?Event=4&Type=0&Version=0.0.0&Aid=806471
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.227.138.196 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK player Show response
aux-log.bidmatic.io/svp/ 43 B
283 B 278ms
87ms XHR
image/gif 67.220.182.50
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log.bidmatic.io/svp/player?type=1&content_id=455285&aid=806471&client_id=680638&width=660&height=371&tte=934
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?469261
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:21 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
s.adtelligent.com/2v/ 6 KB
2 KB 67ms
21ms XHR
application/json 2a0c:5c81:5119::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/2v/?sv_content_id=455285&aid=806471&sid=%D0%A1&width=400&height=250&site_full_url=https%3A%2F%2Faidheps24.space%2F&top_domain=aidheps24.space&t=js&video_duration=180&cb=196526113052&v=1.5.6&c1=%D0%A1&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&minbitrate=240&maxbitrate=720&vpaid_type=2&is_secure_frame=false
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5119::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ec92b57c994a8fe66e5145e0dcdb6cc0326b512af4b563d44f00ba45b323bb59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1422

GET
H/1.1 200
OK player Show response
aux-log.bidmatic.io/svp/ 43 B
283 B 267ms
88ms XHR
image/gif 67.220.182.50
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log.bidmatic.io/svp/player?type=2&content_id=455285&aid=806471&client_id=680638&width=660&height=371&tte=965
Requested by: Host: player.bidmatic.io
URL: https://player.bidmatic.io/microplayer/v2/plyr.polyfilled.min.js?469261
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.220.182.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:21 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 129ms
42ms XHR
text/javascript 95.216.24.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=42093:uniques_holding&s=2d7b5ee994ea42a9c3b286e6e0bc95e6&__io=59e95c131.445cf1cba_1689336800774&1689336801779
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/cwELzv3aSV0X
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.216.24.148 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 12:13:21 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sync.js Show response
s.adtelligent.com/ Frame F891 2 KB
1 KB 21ms
21ms Script
text/javascript 2a0c:5c81:5119::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.js?aid=806471
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5119::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 3fb9daeeeb9188abe5523ce6cdfaf80a815039053d48d1ba6e46b57902b4f63e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 836

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 113ms
113ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=3&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1496150538111-2%22%2C%22s%22%3A%5B%222000x1300%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Background%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: BBKRXS6PCZJ0VDTR1E7J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Te07LAaN2EY2JGi02zu0q5A0ncZIUA69umHhnqMtKjdL_JmhlILMGA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 121ms
120ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=4&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1472564935222-1%22%2C%22s%22%3A%5B%22240x350%22%2C%22300x600%22%2C%22240x400%22%2C%22300x250%22%2C%22240x600%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Premium1_300_250%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 8KHVBM8SDDPJZJRG1Z66
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: bpQTsxKcVobrX39BdlUNETJAW6BTbqcZeToEMnFOuJo7YEt3RD2ajQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 113ms
113ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=5&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1472564935222-2%22%2C%22s%22%3A%5B%22240x350%22%2C%22300x600%22%2C%22240x400%22%2C%22300x250%22%2C%22240x600%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Premium2_300x250%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 3V1CX3MFX6N359TE6XKV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ginuIx_gzAosaWfSA9axk0iOMWyhe-qve266RYYP8Xfuiv6bf__J_A==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 43ms
42ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=6&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1634627614419-0%22%2C%22s%22%3A%5B%22240x600%22%2C%22240x350%22%2C%22300x600%22%2C%22240x400%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Premium3%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: H2QG3KJCS8ABKZRGYBK3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZAF2AEXpUPklhf4So5bBdPvkUKQ4uSHWEPBlJO9JXR5ycRDHyMBS4w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 45ms
44ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faidheps24.space%2F&pid=hg4cDA1dUNTq9&cb=7&ws=1600x1200&v=23.612.1758&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1656932699862-0%22%2C%22s%22%3A%5B%221366x90%22%2C%221280x90%22%2C%221200x90%22%2C%221080x90%22%2C%221024x90%22%2C%221000x90%22%2C%22980x90%22%2C%22970x90%22%2C%22960x90%22%2C%22950x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F58302844%2FSLDS_Novy_Catfish%22%7D%5D&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&pubid=f7e8cac4-1bcc-4a33-a6c1-7cf8b2305f1a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:21 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 912VYEWRWWZDRWP9CXCY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://aidheps24.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: jNnkCTmEC-J38SVWPh5FvNGVqZel5ub53QAjjLscDbThr_swRuIq1A==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 698 B
380 B 67ms
67ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=3117658933621139&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Background&enc_prev_ius=%2F0%2F1&prev_iu_szs=2000x1300&ifi=1&adks=3245205863&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336801910&lmt=1689336801&dlt=1689336800036&idt=1184&adxs=-200&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=1600x3594&msz=2000x-1&fws=512&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcf1235bc19e00241a816bc74735004001604989a4b67ce858bff71ea6471297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
38 KB 398ms
397ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=1699484019352102&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Premium1_300_250&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x350%7C300x600%7C240x400%7C300x250%7C240x600&ifi=2&adks=3400365515&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336801922&lmt=1689336801&dlt=1689336800036&idt=1184&adxs=1025&adys=285&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=300x0&msz=240x30&fws=128&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b30243f7ad109941758c04758acd3a1e91f0a5c4d50e98c419ecf1cb669a384

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIz_9P-VjoADFalWFQgdw8EDIQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13028322270827773952/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIz_9P-VjoADFalWFQgdw8EDIQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13028322270827773952/index.html
date: Fri, 14 Jul 2023 12:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38996
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
38 KB 364ms
363ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=1705853043084386&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Premium2_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x350%7C300x600%7C240x400%7C300x250%7C240x600&ifi=3&adks=2999024198&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336801930&lmt=1689336801&dlt=1689336800036&idt=1184&adxs=1025&adys=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=300x0&msz=240x20&fws=128&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2b1ce13bc5a89421ac7ad2fedce4aac78d94a5ec307526e506332cde6ae92fd

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPbq9P-VjoADFeRiFQgd-MUFVw&gqi=&layout=/sadbundle/%24csp%253Der3%24/13028322270827773952/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPbq9P-VjoADFeRiFQgd-MUFVw&gqi=&layout=/sadbundle/%24csp%253Der3%24/13028322270827773952/index.html
date: Fri, 14 Jul 2023 12:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38809
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 359ms
358ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=111779088734746&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Premium3&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x600%7C240x350%7C300x600%7C240x400%7C300x250&ifi=4&adks=2161769099&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336801937&lmt=1689336801&dlt=1689336800036&idt=1184&adxs=1025&adys=2456&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=300x0&msz=240x250&fws=128&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc14827a35fe2c5fbf563fbe3bc8c20de72431ed27e8ec1b7929f002f21adc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15119
x-xss-protection: 0
google-lineitem-id: 5954332305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138385343298
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 126 KB
46 KB 443ms
442ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=93733462542287&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Catfish&enc_prev_ius=%2F0%2F1&prev_iu_szs=1366x90%7C1280x90%7C1200x90%7C1080x90%7C1024x90%7C1000x90%7C980x90%7C970x90%7C960x90%7C950x90%7C728x90&ifi=5&adks=2308062911&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336801946&lmt=1689336801&dlt=1689336800036&idt=1184&adxs=117&adys=1199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=1600x-1&msz=1598x-1&fws=512&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48d684f6c04a0c4fccb9aeaccd2eea14eecf5c5980b2c773d63bd41125114b18

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJea9f-VjoADFQRrFQgdIk0PIw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3768702878955482514/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJea9f-VjoADFQRrFQgdIk0PIw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3768702878955482514/index.html
date: Fri, 14 Jul 2023 12:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46697
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC07 6 KB
3 KB 85ms
17ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:22 GMT
expires: Sat, 13 Jul 2024 12:13:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
283 B 294ms
89ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=729051&protocol=ima&waterfall_position=1&waterfall_id=18959082&advId=748724&isvm=1&performance=0&sid=%D0%A1&site_full_url=https%3A%2F%2Faidheps24.space%2F&video_duration=180&aid=806471&c1=%D0%A1&width=660&height=371&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&cb=196526113052&v=2.7.204&t=js&adId=0671B614CE72B4EA&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:21 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 157 B
443 B 26ms
25ms XHR
application/json 185.83.69.58
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=40299&aid2=467848&aid3=587777
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_266844_677.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7bc5ba0873a298df2d95225387c3d5ea4b529372d840bcfafcad7b51ee8cd7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://aidheps24.space
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 157

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
38 KB 346ms
345ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=3539240392291703&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=476203661&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336801981&lmt=1689336801&dlt=1689336800036&idt=1184&adxs=436&adys=2536&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=1020x0&msz=728x90&fws=128&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42e5c6d28787d6a82dc46949ceb042d945d6b1c8ba2ccc901cb3e53856587943

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLU9v-VjoADFTNZFQgdaSkDOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2631481056066273280/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMLU9v-VjoADFTNZFQgdaSkDOA&gqi=&layout=/sadbundle/%24csp%253Der3%24/2631481056066273280/index.html
date: Fri, 14 Jul 2023 12:13:22 GMT
x-content-type-options: nosniff
content-encoding: br
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38869
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 631 B
314 B 150ms
150ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=362000470510615&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Stiky_Right&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x600&ifi=7&adks=930703955&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336801995&lmt=1689336801&dlt=1689336800036&idt=1184&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=0x0&msz=0x-1&fws=640&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a3f8974aa85c5aa227588b5fde00bf7a4c2e8f35dac614894f929fb5df15092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 630 B
315 B 124ms
124ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1901676568815314&correlator=3228992275892262&eid=31076035%2C21065725&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=58302844%2CSLDS_Novy_Stiky_Left&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x600&ifi=8&adks=3081115521&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26excl_cat%3DPREPOST&eri=1&cust_params=SLM%3DSLM%26g-space1139830%3D17df16eae24b6b91b4bdd69e2a4c917f%26g-space%3Dnovy.tv%252Fg-space%26url%3D17df16eae24b6b91b4bdd69e2a4c917f%26type_page_novy%3Dnon_video&sc=1&cookie_enabled=1&abxe=1&dt=1689336802013&lmt=1689336802&dlt=1689336800036&idt=1184&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faidheps24.space%2F&frm=20&vis=1&psz=0x0&msz=0x-1&fws=640&ohw=0&ga_vid=1938475494.1689336801&ga_sid=1689336802&ga_hid=1316124108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d241cb12f41e5fdb4a9fd39c077ceab4981b661f861a7023bb40d67a29bd57ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 93CE 0
0 75ms
16ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.js?aid=806471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame A359
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5216369895775830525

43 B
456 B

110ms
95ms

Document
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5216369895775830525
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.js?aid=806471
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Fri, 14 Jul 2023 12:13:21 GMT
Etag: 88a2616db2da27e3
Server: Adtelligent

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 0de90bf4-2d15-4da5-9a8a-c76b543f195a
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 14 Jul 2023 12:13:22 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5216369895775830525
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 37.58.58.247; 37.58.58.247; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5CFF 15 KB
6 KB 62ms
13ms Document
text/html 2.19.244.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.js?aid=806471
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=59992
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 14 Jul 2023 12:13:22 GMT
expires: Sat, 15 Jul 2023 04:53:14 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame F891
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8042858467766948337

43 B
456 B

96ms
96ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8042858467766948337
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:22 GMT
Server: Adtelligent
Etag: 88a2616db2da27e3
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
an-x-request-uuid: 2a3689ac-39e8-432e-9dc9-25fc28571a29
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8042858467766948337
x-proxy-origin: 37.58.58.247; 37.58.58.247; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame F891
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c4de7f4f-eed1-4a82-b6d3-ebfb50cd3523

43 B
473 B

223ms
96ms

Image
image/gif

185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c4de7f4f-eed1-4a82-b6d3-ebfb50cd3523
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 12:13:21 GMT
Server: Adtelligent
Etag: 88a2616db2da27e3
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=c4de7f4f-eed1-4a82-b6d3-ebfb50cd3523
date: Fri, 14 Jul 2023 12:13:22 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame ADAD 3 KB
1 KB 43ms
43ms Document
text/html 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 14 Jul 2023 12:13:22 GMT
etag: W/"5b310388-b5f"
last-modified: Mon, 25 Jun 2018 15:00:24 GMT
server: nginx/1.13.0

GET
H2 200 /
c.idealmedia.io/pv/ 0
66 B 43ms
27ms Image
text/plain 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.idealmedia.io/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1689336802110181020084&uniqId=140da&childs=1392567&lct=1689292800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnovy.tv%2Fua%2Fg-space%2Flayfhaki%2F2023%2F07%2F14%2Fgroshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty%2F&lu=https%3A%2F%2Faidheps24.space%2F&pageView=1&pvid=1895451eb3f966380a4&site=848785&implVersion=11&dpr=1&tfre=2039
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e69ade548831bdb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 8513d3ee-ac31-4c67-9f1e-5fe97275eeff
https://aidheps24.space/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aidheps24.space/8513d3ee-ac31-4c67-9f1e-5fe97275eeff
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5CFF 2 KB
3 KB 78ms
16ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29338195&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 1009100b2aebabff2e6e0ffb79c4306b6a25bcd5235405497aa5d77b17bafe1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 14 Jul 2023 12:13:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 384ms
42ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=AAFAA763218441B79F710C7FE7573A1F&time=1689336801764&location=https%3A%2F%2Faidheps24.space%2F&referrer=&is_flash=0&session_id=285876315&version=3.5.357_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Jul 2023 12:13:22 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
229 B 42ms
42ms Image
image/gif 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=AAFAA763218441B79F710C7FE7573A1F&time=1689336802170
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1 Show response
servicer.idealmedia.io/1392473/ 4 KB
2 KB 81ms
57ms Script
application/x-javascript 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.idealmedia.io/1392473/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1689336802235215665651&uniqId=140da&childs=1392567&lct=1689292800&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=660&h=242&sz=150x189&szp=1,2,3,4&szl=1,2,3,4&cols=4&sessionId=64b13be2-0b9b1&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&ref=&cxurl=https%3A%2F%2Fnovy.tv%2Fua%2Fg-space%2Flayfhaki%2F2023%2F07%2F14%2Fgroshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty%2F&lu=https%3A%2F%2Faidheps24.space%2F&pageView=1&pvid=1895451eb3f966380a4&implVersion=11&dpr=1&tfre=2163
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/n/o/novy.tv.1392473.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512c5ccde22bbb3698c612695b6d70310c6b39a940b5a1c56f832e7209ac9e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7e69ade629b81bdb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D213 43 B
363 B 72ms
18ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:21 GMT
expires: Fri, 14 Jul 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 252896
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A462
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825977605228

42 B
194 B

88ms
19ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825977605228
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 14 Jul 2023 12:13:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Fri, 14 Jul 2023 12:13:22 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825977605228
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4DF4
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5815451935532111623

42 B
424 B

29ms
17ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5815451935532111623
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 14 Jul 2023 12:13:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5815451935532111623
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame D0BC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=421D1484-8304-4307-8AD8-4A032C2539E2&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=421D1484-8304-4307-8AD8-4A032C2539E2&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

204ms
203ms

Document
image/gif

52.95.118.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=421D1484-8304-4307-8AD8-4A032C2539E2&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 14 Jul 2023 12:13:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4GHBGGFXH756GZ72FYTY

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 14 Jul 2023 12:13:22 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=421D1484-8304-4307-8AD8-4A032C2539E2&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: QTE1GYBC6GN5J9TWASFR

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 468D 43 B
473 B 140ms
97ms Document
image/gif 185.239.172.77
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=421D1484-8304-4307-8AD8-4A032C2539E2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Fri, 14 Jul 2023 12:13:21 GMT
Etag: 88a2616db2da27e3
Server: Adtelligent

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5CFF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qh0UhIMEQweK2EoDLCU54g%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

30ms
25ms

Image
text/html

2.19.244.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=59992
accept-ranges: bytes
content-length: 5606
expires: Sat, 15 Jul 2023 04:53:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 5CFF 49 B
265 B 134ms
41ms Image
image/gif 52.31.235.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=421D1484-8304-4307-8AD8-4A032C2539E2&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.235.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-235-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.9.167
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 5CFF
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1609536904
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=421D1484-8304-4307-8AD8-4A032C2539E2

0
284 B

90ms
21ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=421D1484-8304-4307-8AD8-4A032C2539E2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
via: 1.1 google
last-modified: Fri, 14 Jul 2023 12:13:22 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=421D1484-8304-4307-8AD8-4A032C2539E2
date: Fri, 14 Jul 2023 12:13:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET match
a.audrte.com/ Frame 5CFF 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5CFF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDIxRDE0ODQtODMwNC00MzA3LThBRDgtNEEwMzJDMjUzOUUy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

27ms
23ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Jul 2023 12:13:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5CFF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDazza6EZI37FJFVkoC5iHI&google_cver=1

42 B
299 B

26ms
22ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDazza6EZI37FJFVkoC5iHI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Jul 2023 12:13:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDazza6EZI37FJFVkoC5iHI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5CFF 43 B
612 B 112ms
24ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 13 Jul 2023 12:13:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5CFF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6487804213720259050

42 B
242 B

26ms
15ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6487804213720259050
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 14 Jul 2023 12:13:21 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6487804213720259050
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5CFF 70 B
265 B 124ms
39ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Jul 2023 12:13:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 421D1484-8304-4307-8AD8-4A032C2539E2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5CFF 43 B
426 B 155ms
41ms Image
image/gif 2a05:d018:d29:3601:f3c5:b81c:48d6:4797
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/421D1484-8304-4307-8AD8-4A032C2539E2?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:f3c5:b81c:48d6:4797 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
283 B 92ms
92ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=729052&protocol=ima&waterfall_position=2&waterfall_id=18959082&advId=748724&isvm=1&performance=0&sid=%D0%A1&site_full_url=https%3A%2F%2Faidheps24.space%2F&video_duration=180&aid=806471&c1=%D0%A1&width=660&height=371&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&cb=196526113052&v=2.7.204&t=js&adId=0671B614CE72B4EA&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:21 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9781 0
0 59ms
54ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR7aWDHHkyIV90HVVFq5Y2x2Qa_HB3-1mrdrqe3fCR1-ELL7XV2MS-j0162ZgabMgNTZdFFuQorSAYOOBgpdQQZIhplkoxyZ4r_uTAr9dxGiGgVHH3e4GTBF8-tAfusNRHYog8sdw40j-v0rBWXwZULxfm4qNPtllSzwBj3C_X_3ygijkvLS3ge2htZFshVuhWwK8i9U4rbAmBoraVe1F0ZHP3CB5cNNm4-jzxhqx5EkdUE3H2-AqzxZmIqFRw-yfWGlSsXwmIUPkUtJsJ0Xwm9yPTQUXK6-Tdac7CmUOKMA99EET_hOwP2aHHT8RsPq09ggO2OFCC_vMZktdYQwfaMLsjc5O8kHSSd5pX&sai=AMfl-YQy5UWmHc8S8fOJTsCLeFMkLOX8BWj4nACQNGlTvoCR3vpOSNpcGnJ5EZtTVTz3UfuxsnQ84JDd-VTRBWeHTnsS4M_-yn-eVfvIqYzcnJVcP7lYGIsieWN9kpESDrwk1Tm_oC3YDBLPMa2twLlF&sig=Cg0ArKJSzCutJ70XdKgZEAE&uach_m=[UACH]&adurl=

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9781 3 KB
2 KB 74ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 10:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 10:09:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9781 179 KB
57 KB 70ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 12:13:22 GMT

GET
H2 200 16137541572629757188
tpc.googlesyndication.com/simgad/ Frame 9781 76 KB
76 KB 73ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16137541572629757188

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f037ad398e68dc00d780b3539ac2e3482838391b808698808703f6ad752b58a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 18:52:14 GMT
x-content-type-options: nosniff
age: 580868
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77560
x-xss-protection: 0
last-modified: Tue, 23 May 2023 08:00:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 18:52:14 GMT

GET
H2 200 container.html Show response
bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9329 6 KB
3 KB 13ms
11ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:22 GMT
expires: Sat, 13 Jul 2024 12:13:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9781 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44930603fe7a92f43bcc3f9faa90d1659337109c709db85f148cd23a8fc10772

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8DD3 6 KB
3 KB 24ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:22 GMT
expires: Sat, 13 Jul 2024 12:13:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42CF 6 KB
3 KB 19ms
13ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:22 GMT
expires: Sat, 13 Jul 2024 12:13:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C71 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:22 GMT
expires: Sat, 13 Jul 2024 12:13:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 345 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fd72730bd48ca9fc5c27393bdf5983f432faeb4368acf9de54b8a896751807c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
283 B 87ms
87ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=729053&protocol=ima&waterfall_position=3&waterfall_id=18959082&advId=748724&isvm=1&performance=0&sid=%D0%A1&site_full_url=https%3A%2F%2Faidheps24.space%2F&video_duration=180&aid=806471&c1=%D0%A1&width=660&height=371&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&cb=196526113052&v=2.7.204&t=js&adId=0671B614CE72B4EA&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:22 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 198 KB
25 KB 11ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7332057f8d8d4fb54fe25d8f66b6166ea7629421968aa7d58846e5499c688d6d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 540414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24382
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 06:06:28 GMT
expires: Sun, 07 Jul 2024 06:06:28 GMT
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 9329 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1753 143 B
383 B 39ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 11:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9329 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 10:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 10:09:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 9329 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9781 0
0 50ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulI-I23veaQ-A56ByBiyTgAB1eVNDiSi6Evo_Vr0glA0ZG4try_WladIKQXITyp6hXvIwRePoZfBNg7pOAc3-hcU9RvE3pM2zl5BhN18N4LB7cUFdxUPKmadu3zDGS7fPUqcJ27ep2CTd7g_AFu0-e2YXKFXlB6bIs_8BJq98Ll1DBHBX-OE81VTb3J96OqQXtpOiE3NRF2XmQmkgM_5iXza5oNuVWO303WgsuBFz0x-0PrjHveMhGkgNsrKwkd60wV9F_5EWY8nFIsGP9tsrtKaTIlvTJFIgKVZwpd2pt5-dgPQvxPqyXuA_fZbw6ruEq2e7P0SNIIpPK43af2TZZ&sai=AMfl-YRvz2sZiuR7kEz42441dKiCQ6s6xRW2996hpwRdv_YpZLbhDwWXQqQ3j-ElK0iij_gmbIsrhaa3dnEvRXtkQBtaDb0kB8moXcZ_XDAl5CsX8x18arOYZb87ymOETp1dL2nZcDgI9J0o7EAHlEaw&sig=Cg0ArKJSzGEJ7qM3jdGFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Jul 2023 12:13:22 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 32AA 16 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jul 2023 13:38:42 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 32AA 34 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Jul 2023 01:47:45 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 198 KB
24 KB 25ms
11ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdfe3a2b1cfc249d20f20867371282841afa1757342ed25421e4c3e0f449c581

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 75044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24421
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 15:22:38 GMT
expires: Fri, 12 Jul 2024 15:22:38 GMT
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 8DD3 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FE6 143 B
200 B 21ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 11:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8DD3 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 10:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 10:09:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 8DD3 20 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 198 KB
24 KB 24ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7332057f8d8d4fb54fe25d8f66b6166ea7629421968aa7d58846e5499c688d6d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 540414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24382
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Jul 2023 06:06:28 GMT
expires: Sun, 07 Jul 2024 06:06:28 GMT
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 42CF 23 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C426 143 B
200 B 19ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 11:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 42CF 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 10:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 10:09:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 42CF 20 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 115 KB
19 KB 23ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a306f3150c0a470666c2c670c42fdc5fcc3b60a0561886dcd227caabaff80286

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 149618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19664
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 18:39:44 GMT
expires: Thu, 11 Jul 2024 18:39:44 GMT
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 0C71 23 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 805D 143 B
200 B 16ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 11:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 0C71 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 10:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 10:09:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 0C71 20 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:55:07 GMT

POST
H2 200 html5 Show response
vplayer.mmi.bemobile.ua/vplayer/ 0
100 B 90ms
44ms XHR
text/html 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vplayer.mmi.bemobile.ua/vplayer/html5
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 14 Jul 2023 12:13:22 GMT
server: nginx/1.13.0
content-length: 0
content-type: text/html; charset=UTF-8

POST admin-ajax.php
novy.tv/wp-admin/ 0
0

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
283 B 90ms
89ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=707535&protocol=ima&waterfall_position=4&waterfall_id=18959082&advId=735584&isvm=1&performance=0&sid=%D0%A1&site_full_url=https%3A%2F%2Faidheps24.space%2F&video_duration=180&aid=806471&c1=%D0%A1&width=660&height=371&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&cb=196526113052&v=2.7.204&t=js&adId=0671B614CE72B4EA&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:22 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
226 B 26ms
25ms XHR
text/plain 185.83.69.58
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/KRZJ2/hbw_master_266844_677.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:22 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1753
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
54ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
expires: Fri, 14 Jul 2023 12:13:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8D5A 16 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jul 2023 13:38:42 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8D5A 34 KB
13 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Jul 2023 01:47:45 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 47AC 16 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jul 2023 13:38:42 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 47AC 34 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Jul 2023 01:47:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9329 179 KB
56 KB 248ms
247ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 12:13:23 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 49AE 16 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jul 2023 13:38:42 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 49AE 34 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Jul 2023 01:47:45 GMT

GET
DATA 200
OK truncated
/ Frame 9329 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07b8ab9feaf7b2ba9ff2b2546b14e195e071dd2ed3bf0e1991c8daf720cf1ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA3LzIzNjA5NS81Y2Q5N...
s-img.idealmedia.io/g/16674159/492x328/-/ 18 KB
18 KB 55ms
15ms Image
image/webp 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/16674159/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA3LzIzNjA5NS81Y2Q5NDdiM2Q4OGFhZjlkOTVhMzUzYjI3ZGY4NTAwYi5qcGc.webp?v=1689336802-KAn6w5KvH0TE3wu57L9DHCCj7L8LS6nZOR95up9dHpQ
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f5e121b352df5e977970d17a7f5ebcd7761b5c0f09c7ae6911021e3232de45

Request headers

Referer: https://aidheps24.space/
Origin: https://aidheps24.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
cf-cache-status: HIT
x-mg-request-uuid: e77460e3-8b52-4743-9c23-56379f7de7d3
age: 68396
alt-svc: h3=":443"; ma=86400
content-length: 18384
last-modified: Mon, 10 Jul 2023 15:29:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e69adeb3a26366b-FRA
expires: Fri, 14 Jul 2023 17:13:27 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzcxMTEyNi84ZWQ4M...
s-img.idealmedia.io/g/14734599/492x328/-/ 32 KB
32 KB 62ms
22ms Image
image/webp 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/14734599/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzcxMTEyNi84ZWQ4MzMyNDcyMWVkYzg4NDI0MjQ1ZTg5ODA4MDQ5ZC5wbmc.webp?v=1689336802-7UCde_iE9tiUY5NE-kM5_pfE71ZuCN1fC87AokpbNoE
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e716ab4f0a024b0de63c56f89d2eceb75bb3b20b2a9149d919c073428c5db8

Request headers

Referer: https://aidheps24.space/
Origin: https://aidheps24.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
cf-cache-status: HIT
x-mg-request-uuid: 7f199d6b-da1b-4b33-9fb6-2b07a3a721d7
age: 8542
alt-svc: h3=":443"; ma=86400
content-length: 32682
last-modified: Mon, 10 Jul 2023 08:32:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e69adeb3a28366b-FRA
expires: Sat, 15 Jul 2023 09:51:01 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA3Lzc4MzM4NS82YjAxN...
s-img.idealmedia.io/g/16617278/492x328/-/ 19 KB
19 KB 56ms
16ms Image
image/webp 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/16617278/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA3Lzc4MzM4NS82YjAxNGJhZGIyY2EyYzUwODIwMTA5MjcyN2Y2MTQ4OC5qcGc.webp?v=1689336802-ROBVV7DcQhH6oppGz28cvSw2V5QO08OukA6MFu7qTwk
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7b10607b8fe2d4eac6c13944705327abb5df3594d5e68331e59eee15f21563

Request headers

Referer: https://aidheps24.space/
Origin: https://aidheps24.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
cf-cache-status: HIT
x-mg-request-uuid: cd4b9802-6ade-4326-8221-6216118eadad
age: 21137
alt-svc: h3=":443"; ma=86400
content-length: 19380
last-modified: Wed, 05 Jul 2023 08:19:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e69adeb3a29366b-FRA
expires: Sat, 15 Jul 2023 06:21:06 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzI0MjEzNS80YjZkN...
s-img.idealmedia.io/g/15229263/492x328/-/ 17 KB
17 KB 63ms
24ms Image
image/webp 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/15229263/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEyLzI0MjEzNS80YjZkNGM5YjU0ZDM5ZjkzZmQ0OTY1MGZjMDBlMGYzMi5qcGc.webp?v=1689336802-ApBlg96y5kJT0eEOY8lLB_7VEtqnOkWUO9soZCFrMiQ
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d07dcb5aa030c311fa7e40bc145a189a1440e931d9778da77421416bac34007

Request headers

Referer: https://aidheps24.space/
Origin: https://aidheps24.space
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
cf-cache-status: HIT
x-mg-request-uuid: 5ec80741-75dc-43b4-a85f-9677a58ad3fe
age: 60089
alt-svc: h3=":443"; ma=86400
content-length: 17344
last-modified: Wed, 21 Jun 2023 13:08:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 7e69adeb3a2a366b-FRA
expires: Fri, 14 Jul 2023 19:31:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0FE6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
24ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
expires: Fri, 14 Jul 2023 12:13:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DD3 179 KB
56 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 12:13:23 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C426
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
expires: Fri, 14 Jul 2023 12:13:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42CF 179 KB
56 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 12:13:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C71 179 KB
56 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 12:13:23 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 805D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
20ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
expires: Fri, 14 Jul 2023 12:13:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
283 B 88ms
87ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=701908&protocol=ima&waterfall_position=5&waterfall_id=18959082&advId=735787&isvm=1&performance=0&sid=%D0%A1&site_full_url=https%3A%2F%2Faidheps24.space%2F&video_duration=180&aid=806471&c1=%D0%A1&width=660&height=371&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&cb=196526113052&v=2.7.204&t=js&adId=0671B614CE72B4EA&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:22 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 42CF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae0e75e0758b69888658392531c8fb9d4cbd0312fb875ba0fc027dc217288c96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0C71 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68309512702a49c97e6723711ab1d90c2edd53fcb21ee55377cbfcc90a2fc979

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8DD3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d01256338e3488a4ec8cfd549ac8f6acee628a9f22c79243bb1b08d642a5e274

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gluehbirne.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 858 B
466 B 9ms
9ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/gluehbirne.svg

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcb8f4cac9358e0d78bca726b0c89dc1df284ce67cd078028f24008e184493e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 22:08:34 GMT
age: 569089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 436
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 22:08:34 GMT

GET
H3 200 strahlen.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 879 B
386 B 19ms
18ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/strahlen.svg

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a647ffb391ee312ecaf646b14d0b60a004c8b60e17870ac28facc319b53955f2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 10:08:48 GMT
age: 525875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 10:08:48 GMT

GET
H3 200 vid1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 10 KB
11 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/vid1.jpg

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3fdcdc090b6ee2977013f8f6ae2d8bd35822211ca1e3037bc05651483979226

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 08:35:49 GMT
x-content-type-options: nosniff
age: 531454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10740
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 08:35:49 GMT

GET
H3 200 vid9.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 12 KB
12 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/vid9.jpg

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb29b01ad016336a002e5b0453ed017340a5c091ba09ea67439e311162473ab2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 04:54:53 GMT
x-content-type-options: nosniff
age: 544710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12389
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 04:54:53 GMT

GET
H3 200 Wie_das_geht_erfahren_Sie_hier.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 1 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Wie_das_geht_erfahren_Sie_hier.png

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cfd979853ab96df2dc78daeee5d50f7f42042a0a2f6ea2f8acdab7cb0e16a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1532
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H3 200 Smarte__Beleuchtung_fu_r_Ihr_Zuhause.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 4 KB
4 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Smarte__Beleuchtung_fu_r_Ihr_Zuhause.jpg

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2ae7863db594b125a7daae5b09b601abc0ba00d5e92b8cff4a3fa837c44039

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4571
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H3 200 Gemu_tliches_Licht.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 3 KB
3 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Gemu_tliches_Licht.jpg

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9552747080259280658a7ca63697792ac23f9eddc1b852af3851fb010469d659

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Jul 2023 12:03:56 GMT
x-content-type-options: nosniff
age: 86967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2769
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 12:03:56 GMT

GET
H3 200 Ganz_einfach.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 2 KB
2 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Ganz_einfach.jpg

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36317007a5b2a5523c31e36eee382593cf4f2a5b49923f896228c1e6eaa0f7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2077
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H3 200 square.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 9 KB
9 KB 21ms
19ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/square.png

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa0cd9475282911c184f564385b0b610767109ae4bca64c914af0cbeb722bb4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:53 GMT
x-content-type-options: nosniff
age: 479850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9006
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:53 GMT

GET
H3 200 homematic.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 32AA 3 KB
3 KB 22ms
20ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/homematic.png

Requested by

Host: bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
URL: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2904
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
283 B 90ms
90ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=687440&protocol=ima&waterfall_position=6&waterfall_id=18959082&advId=735584&isvm=1&performance=0&sid=%D0%A1&site_full_url=https%3A%2F%2Faidheps24.space%2F&video_duration=180&aid=806471&c1=%D0%A1&width=660&height=371&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&cb=196526113052&v=2.7.204&t=js&adId=0671B614CE72B4EA&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:22 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8DD3 0
0 56ms
56ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYsKT4juxZMLbAbOy1fAP6dKMwAP9tsWMccSD1cbxDtrZHhABIMyMyx9glYKAgKAHoAGKpY-ZA8gBCakCjeYRkTPVsj7gAgCoAwHIAwKqBPABT9ABH_3pgmwDpEgfuB9FSOmed62_Ul4qEr_TSfj99lNdwDMvkx_7SES9VsWcXXbQc99VxUbAaLGcgFkeUTgXtXUHC7wYLxJrS1geagL6d2-380MXPsr4k-bofGCPtzA6DHG0b8XsMwuC4pP5EmabKb6iZwm4sKFR1cWvaiTfmxa9Y6XPdQ0f62JBGBq7s1-ZkK_l7UXCZlhqHBpz3uK889SYYNKb1mqTmngMiyfCGAK9bhblb6u4MiqmCgbO0E7k0PUR2OH7cOTUQn4KHmOSQPJbKOufuPuiKMXrYIv18dL63BYl06Ksxn62drhiy6qBwATc2v61_gLgBAGSBQQIBBgBkgUECAUYBKAGXYAH3trwZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMqhBNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItODExNzQ3NDU1NjQ3OTM2MxjEtBQ&sigh=gtOMClUcDl8&uach_m=[UACH]&cid=CAQSSwBpAlJWqoDsL6YAi-dR1kvHv3goVt34FhJ2fOnwplZ5qNl0ZDw4RXiaDMbazFAFtjnGfxv6as1Hn-flvNqA_SSzLhg8zMZCaCVz1xgB&cbvp=2&vis=1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 gluehbirne.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 858 B
470 B 17ms
16ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/gluehbirne.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcb8f4cac9358e0d78bca726b0c89dc1df284ce67cd078028f24008e184493e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 22:31:31 GMT
age: 481312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 436
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:31:31 GMT

GET
H3 200 strahlen.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 879 B
387 B 19ms
17ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/strahlen.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a647ffb391ee312ecaf646b14d0b60a004c8b60e17870ac28facc319b53955f2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 22:30:02 GMT
age: 567801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 22:30:02 GMT

GET
H3 200 vid1_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 6 KB
6 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/vid1_728x90.jpg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3a45122ffb45cdfaf3c9147f0e5407be5a08151b1025fb7eae18f1216da491

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 15:55:45 GMT
x-content-type-options: nosniff
age: 505058
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6102
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 15:55:45 GMT

GET
H3 200 vid9_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 7 KB
7 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/vid9_728x90.jpg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a83e4bb2a98df95ee3291e06a76024c79b62aeb2b2c111d34cc84c5af241d0e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 23:25:47 GMT
x-content-type-options: nosniff
age: 478056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6997
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 23:25:47 GMT

GET
H3 200 Wie_das_geht_erfahren_Sie_hier_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 2 KB
2 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Wie_das_geht_erfahren_Sie_hier_728x90.jpg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df69871d426374758b8981768ef3caa480fb966e1f70e7015051837c005478af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 23:25:47 GMT
x-content-type-options: nosniff
age: 478056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1717
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 23:25:47 GMT

GET
H3 200 Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 3 KB
3 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Smarte_Beleuchtung_fu_r_Ihr_Zuhause_728x90.jpg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d595f2f2c4d32eeb822be8337ae5c2bc4302a7f6b32bbc4b29d4c5b86472eb20

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 23:25:47 GMT
x-content-type-options: nosniff
age: 478056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2857
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 23:25:47 GMT

GET
H3 200 Gemu_tliches_Licht.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 3 KB
3 KB 21ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Gemu_tliches_Licht.jpg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9552747080259280658a7ca63697792ac23f9eddc1b852af3851fb010469d659

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 12 Jul 2023 15:48:39 GMT
x-content-type-options: nosniff
age: 159884
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2769
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Jul 2024 15:48:39 GMT

GET
H3 200 Ganz_einfach.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 2 KB
2 KB 23ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/Ganz_einfach.jpg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36317007a5b2a5523c31e36eee382593cf4f2a5b49923f896228c1e6eaa0f7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:31:31 GMT
x-content-type-options: nosniff
age: 481312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2077
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:31:31 GMT

GET
H3 200 square.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 9 KB
9 KB 22ms
20ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/square.png

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa0cd9475282911c184f564385b0b610767109ae4bca64c914af0cbeb722bb4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:31:31 GMT
x-content-type-options: nosniff
age: 481312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9006
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:31:31 GMT

GET
H3 200 homematic.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/ Frame 8D5A 3 KB
3 KB 21ms
20ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2631481056066273280/homematic.png

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 01:54:53 GMT
x-content-type-options: nosniff
age: 555510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2904
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 01:54:53 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0C71 0
0 58ms
58ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ_Qg4juxZJchhNbV8A-imr2YAoa0t5xx6bCb2v0P9pX06ckBEAEgzIzLH2CVgoCAoAegAaXgjNwDyAEJqQKN5hGRM9WyPuACAKgDAcgDSKoE8AFP0FeMk8SdYIW_7GefsNyMqUTJN-zIbSMDG6CEHjKcI8-S4P1YyjQZjpA3klRWW-rQgrx0k9wOmYIDUbjxzCbwbviHA0j0n-Ox635DcAB2DGS6n3_sO-uyCLdc46l3zf7hmz_ZlDemummi9P6BdcLNoBK0Mshbkk55UNcyrWJMuP5vcpSeRiEUNjO-DWfQNFh6UUByMSBG6E9LoYEA6kmV7KTFFSLoJ4zRY7e3RwuEyB4YFOqTP4kZWRrMfXtfYulvMlugPGmpnTVf3hlU2SNxeJOgZVPBSTuvFMr2y_L6Q0VL6txBGHwGknFPDc7xXE7ABPqx2NiNBOAEAZIFBAgEGAGSBQQIBRgEoAYugAezkasoqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpZIK0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTCtAVAYAXAbIXHgocCAASFHB1Yi04MTE3NDc0NTU2NDc5MzYzGMS0FA&sigh=TfjiZC4qeQo&uach_m=[UACH]&cid=CAQSTABpAlJWwDt5Ejn0_0kKbU-08q8UUsAKFqX9SVPN91hUwX7W1fLO1mh_n2AHNvo67zrJxTWMtJ7UC6UAict0brYM-hMOjjFP9JGLzWsYAQ&template_id=419&cbvp=2&vis=1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 42CF 0
0 58ms
58ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COZ3O4juxZIwGqa3V8A_Dg4-IAv22xYxxhIHVxvEO2tkeEAEgzIzLH2CVgoCAoAegAYqlj5kDyAEJqQLqE4Rlc9iyPuACAKgDAcgDAqoE8QFP0IOAwFlbE1fRRrpYYl6XcOOpcLGML9E0Hq7lJefwvLxltrIP8VbuvoPHqJRzsADuKYtAqoU8yAuS6FboL5eCIj9KVVrWcmFzq77OPcUjFomKqeqCrwF1OZVB4ObvUVD2VNesdXVHwMeyM6xBWkrxRGTTy3_qt-eQ4XuLywF0NyzhV-OQHezj7KAC7RJghF8LEg68azZCibRj4wyFqLsb7v3NSjL6XQvkrf5knZ26YP_XzviBSNbC_lLAnszNz3FZpoNBmfF8wa6swfBgB9zjYXmM-gwqqFRc1sVI3G_I4FwP8hthhtfYc_ZnVgLF25A7wATc2v61_gLgBAGSBQQIBBgBkgUECAUYBKAGXYAH3trwZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPzAFNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItODExNzQ3NDU1NjQ3OTM2MxjEtBQ&sigh=3mTmpZua9kM&uach_m=[UACH]&cid=CAQSSwBpAlJWTr-OiCKHnPlCk94EGwl42d6qppRK4c-o2a4EFh4IslmqteRkstN0K66Lx2cDUUB6AAftpp3qC_gZtRhaWO_M1aZCk6KifhgB&cbvp=2&vis=1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 gluehbirne.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 858 B
466 B 18ms
10ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/gluehbirne.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcb8f4cac9358e0d78bca726b0c89dc1df284ce67cd078028f24008e184493e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 22:08:34 GMT
age: 569089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 436
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Jul 2024 22:08:34 GMT

GET
H3 200 strahlen.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 879 B
386 B 20ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/strahlen.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a647ffb391ee312ecaf646b14d0b60a004c8b60e17870ac28facc319b53955f2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 10:08:48 GMT
age: 525875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 352
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 10:08:48 GMT

GET
H3 200 vid1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 10 KB
11 KB 24ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/vid1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3fdcdc090b6ee2977013f8f6ae2d8bd35822211ca1e3037bc05651483979226

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 08:35:49 GMT
x-content-type-options: nosniff
age: 531454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10740
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 08:35:49 GMT

GET
H3 200 vid9.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 12 KB
12 KB 24ms
16ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/vid9.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb29b01ad016336a002e5b0453ed017340a5c091ba09ea67439e311162473ab2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 04:54:53 GMT
x-content-type-options: nosniff
age: 544710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12389
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 04:54:53 GMT

GET
H3 200 Wie_das_geht_erfahren_Sie_hier.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 1 KB
2 KB 25ms
17ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Wie_das_geht_erfahren_Sie_hier.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cfd979853ab96df2dc78daeee5d50f7f42042a0a2f6ea2f8acdab7cb0e16a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1532
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H3 200 Smarte__Beleuchtung_fu_r_Ihr_Zuhause.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 4 KB
4 KB 26ms
18ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Smarte__Beleuchtung_fu_r_Ihr_Zuhause.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f2ae7863db594b125a7daae5b09b601abc0ba00d5e92b8cff4a3fa837c44039

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4571
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H3 200 Gemu_tliches_Licht.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 3 KB
3 KB 27ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Gemu_tliches_Licht.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9552747080259280658a7ca63697792ac23f9eddc1b852af3851fb010469d659

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 13 Jul 2023 12:03:56 GMT
x-content-type-options: nosniff
age: 86967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2769
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 12:03:56 GMT

GET
H3 200 Ganz_einfach.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 2 KB
2 KB 27ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/Ganz_einfach.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36317007a5b2a5523c31e36eee382593cf4f2a5b49923f896228c1e6eaa0f7f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2077
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H3 200 square.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 9 KB
9 KB 30ms
22ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/square.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa0cd9475282911c184f564385b0b610767109ae4bca64c914af0cbeb722bb4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:53 GMT
x-content-type-options: nosniff
age: 479850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9006
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:53 GMT

GET
H3 200 homematic.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/ Frame 47AC 3 KB
3 KB 31ms
23ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/homematic.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13028322270827773952/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 08 Jul 2023 22:55:52 GMT
x-content-type-options: nosniff
age: 479851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2904
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 15:12:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 22:55:52 GMT

GET
H2 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 49AE 38 KB
15 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 00:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 00:28:59 GMT

GET
H3 200 logo_white.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 7 KB
3 KB 32ms
25ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/logo_white.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9503016f09f37172f52c4bbbe778a5acb80506b615b869787d6e6e5f3e9f330

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 21:35:27 GMT
age: 225476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2856
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 21:35:27 GMT

GET
H3 200 text_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 5 KB
2 KB 31ms
24ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/text_01.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd2fa71d9486cbe231abfdb01069ac5af26217c36700a59e5371d631445e6f0d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Jul 2023 16:11:08 GMT
age: 331335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2010
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jul 2024 16:11:08 GMT

GET
H3 200 mood_01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 13 KB
13 KB 39ms
31ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/mood_01.png

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8330472d7126be4837f77c7604765686082791ef283c920ece712f763e455a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 10 Jul 2023 16:11:08 GMT
x-content-type-options: nosniff
age: 331335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jul 2024 16:11:08 GMT

GET
H3 200 text_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 7 KB
3 KB 37ms
30ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/text_02.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de84f4a7301d160f204dc2b09c61a25900d51a6f8c8be036dfaf564f572b45fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Jul 2023 16:11:08 GMT
age: 331335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2609
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jul 2024 16:11:08 GMT

GET
H3 200 mood_02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 16 KB
16 KB 36ms
29ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/mood_02.png

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

229da7b90b32b138f2dfc8467fea95a0d9a258c9d6abd3750d23a9cb1a082afc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 12 Jul 2023 05:07:04 GMT
x-content-type-options: nosniff
age: 198379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15996
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Jul 2024 05:07:04 GMT

GET
H3 200 text_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 6 KB
2 KB 39ms
32ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/text_03.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46e6bea1dfef9d9a4641395e120168d0b5a3cccf93bf8df73a4b9acb654f1924

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jul 2023 21:07:18 GMT
age: 227165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2418
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Jul 2024 21:07:18 GMT

GET
H3 200 mood_03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 16 KB
16 KB 32ms
25ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/mood_03.png

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6943ba1ec4fbb0a9e8808335a58f9e072289f725a5e69180641684e204fdbaef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 14 Jul 2023 06:08:40 GMT
x-content-type-options: nosniff
age: 21883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16456
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 06:08:40 GMT

GET
H3 200 logo_black.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 12 KB
4 KB 45ms
38ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/logo_black.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88128ad2928b19512a99b3c23b2dc8642c36dad3d3e4e78deb18acce6e4ff8f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Jul 2023 00:50:28 GMT
age: 559375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4422
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 07 Jul 2024 00:50:28 GMT

GET
H3 200 cta_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 6 KB
2 KB 43ms
36ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/cta_02.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95facd0a35e20a8e183e5c6ff13852b72dd0833464080fe78f31a812e57d87d7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Jul 2023 16:11:08 GMT
age: 331335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2000
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jul 2024 16:11:08 GMT

GET
H3 200 cta_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 6 KB
2 KB 43ms
37ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/cta_01.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cc5bc8009a32175ff3b8ff404b186594a80b4933711ba51001243e7ddc3b05

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 01:11:12 GMT
age: 212531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1982
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Jul 2024 01:11:12 GMT

GET
H3 200 hg_form.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 511 B
417 B 41ms
35ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/hg_form.svg

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8953d9f58aae149091d59bdf3aa1ace4ed0eccdd1d2694d0a95628c154c4d16

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Jul 2023 16:11:08 GMT
age: 331335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 376
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jul 2024 16:11:08 GMT

GET
H3 200 hg_color.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/ Frame 49AE 13 KB
13 KB 38ms
32ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3768702878955482514/hg_color.png

Requested by

Host: aidheps24.space
URL: https://aidheps24.space/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c372d03973600ab403bf7d014fdcf94d843d86a56808ccedb4f98dc02d78886

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 10 Jul 2023 16:11:08 GMT
x-content-type-options: nosniff
age: 331335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12892
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Jul 2024 16:11:08 GMT

GET
H2 200 counter.php
autocounter.idealmedia.io/autocreative/ 0
73 B 178ms
144ms Image
image/gif 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autocounter.idealmedia.io/autocreative/counter.php?id=848785&pid=65075&referer=&cxurl=https://novy.tv/ua/g-space/layfhaki/2023/07/14/groshova-dopomoga-acted-yak-otrymaty-ta-hto-mozhe-oformyty/&h2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&cbuster=1689336803440287717197
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7e69adedbc971bdb-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 8D5A 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9329 0
0 67ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdQHt4TuxZLb2POTF1fAP-IuXuAX9tsWMcYSB1cbxDtrZHhABIMyMyx9glYKAgKAHoAGKpY-ZA8gBCakC6hOEZXPYsj7gAgCoAwHIAwKqBOsBT9DgBMr-wqBy-N9scGlDATmK9lcbkQni1kWBVnXrpZ-VYhveDaDJYvi1sYESzRcpAhMgSeKreYJ0sL2GAgPrB0vlB-PT4zAdqgtohf7Z3jeW2H7EAl1BQK7XVU70s5WXDwBi_PFnrs6udGKeL_Zyg429nNu6DnblckjsK0L5jPHBlY6vP3XdieqP-jvc1rPwGTl6M61blNDac2b_Hc1WxnG_CpM0db67vb3VtcRaqnp_KTSwCzFMWTUvpIeIZaJje13ehcJ0Ps-U8YQ72Xo1XykzM6DPD3tf5BkuTS2UyWR73seVSG0WYCbzzsAE3Nr-tf4C4AQBkgUECAQYAZIFBAgFGASgBl2AB97a8GaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCk3QrSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMNiBQB0BUBgBcBshceChwIABIUcHViLTgxMTc0NzQ1NTY0NzkzNjMYxLQU&sigh=YsQAnl_iU_w&uach_m=[UACH]&cid=CAQSSwBpAlJW9cwU56HGRKxUjmObbd1QDKSxdvMYXENqMm87bX7DhAtB_foZrwTjBc4R8yRktjglW2k9vB1iTFtdaT4NM-2HFYRu-QCcIRgB&cbvp=2&vis=1
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK request Show response
aux-log2-sh.adtelligent.com/campaign/ 43 B
283 B 94ms
88ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/campaign/request?cmpId=672383&protocol=ima&waterfall_position=7&waterfall_id=18959047&advId=690314&isvm=0&performance=0&sid=%D0%A1&site_full_url=https%3A%2F%2Faidheps24.space%2F&video_duration=180&aid=806471&c1=%D0%A1&width=660&height=371&c2=https%3A%2F%2Ffiles.unocdn.com%2Fvideo-service%2Ff7fb43603a78398c6cc234e504fd6fd0.mp4&cb=196526113052&v=2.7.204&t=js&adId=0671B614CE72B4EA&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=0
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:22 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 i.js Show response
cm.idealmedia.io/ 0
133 B 47ms
31ms Script
application/javascript 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i.js?&cbuster=1689336803623905012517
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/n/o/novy.tv.1392473.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:23 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jul 2023 12:13:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 7e69adeebe1c1bdb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK error Show response
aux-log2-sh.adtelligent.com/request/ 43 B
283 B 88ms
88ms XHR
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/request/error?type=208&v=2.7.204&t=js&adId=0671B614CE72B4EA&aid=806471&sid=%D0%A1&width=660&height=371&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=5&cb=1689336803614
Requested by: Host: static.adtelligent.com
URL: https://static.adtelligent.com/static/jsvpaid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:23 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 i-noref.js Show response
cm.idealmedia.io/ Frame F5DF 0
40 B 35ms
34ms Script
application/javascript 2606:4700::6811:6b29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i-noref.js?cbuster=168933680363147541943
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/n/o/novy.tv.1392473.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6b29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:23 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jul 2023 12:13:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 7e69adeebe1e1bdb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 13ms
12ms Script
application/javascript 2.19.244.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/n/o/novy.tv.1392473.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.232 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=43906
accept-ranges: bytes
content-length: 63913
expires: Sat, 15 Jul 2023 00:25:09 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 77ms
60ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17849020104496ae6d637af0909e5c3be4482df8867099c29d25176ee60a2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11760
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 12:13:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 40BB 13 KB
5 KB 13ms
11ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 10:41:48 GMT
expires: Sat, 13 Jul 2024 10:41:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 03D2 783 B
536 B 21ms
21ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27cc8125bef6aaade911001792789d0a0aa6f2cd25482280adba7ba797959164

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YVYo8ZIKJxm74JA2YrUI0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aidheps24.space/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YVYo8ZIKJxm74JA2YrUI0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 12:13:23 GMT
expires: Fri, 14 Jul 2023 12:13:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 03D2 0
0 45ms
44ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=1901676568815314&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 40BB 38 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 00:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 00:28:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 40BB 0
12 B 8ms
8ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DtWIeQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0C71 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE1U0-f87CQzSNZT1FlT3VuLpfx3S7RQfTuF00IgvvPJ5Cpt4kjwPb4yz8jSvriDYB0cPtmfMniCL1lL-Z_byK-yRLOR4QBAtHeOZcECmWHN9BNanrYsA6NjGP8_DECP98JmHtpzK1RPfG&sai=AMfl-YTAcVUCrvaULQmwPQUl42yAd07pK0oeYRyeqsxOT6vfM95Wp5y07b-0sFJaEh4NGor3ujnr9u0OMWe7bsN3lt3jmesPXNFwqF8JlYrX8XvI9ZarAtpYetWncefkqW896OaLNoxchkp9cmoC4w&sig=Cg0ArKJSzEwNX0zWT5CXEAE&cid=CAQSTABpAlJWwDt5Ejn0_0kKbU-08q8UUsAKFqX9SVPN91hUwX7W1fLO1mh_n2AHNvo67zrJxTWMtJ7UC6UAict0brYM-hMOjjFP9JGLzWsYAQ&id=lidar2&mcvt=1003&p=1030,436,1120,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2308062911&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689336802490&rpt=803&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 42CF 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaE7rKrpF01CnoiKCGPWtgaxd5Ef64iG93FCaPq9uKPJi3mWAyx_tENYmTWW6CHPiJNDnJRQm-2wXsyaBQTwgLfqO4qNjzE60Z0f2JzOpWzOQHmrU18GKY3BB-q2a_X86zXaBluuI4L3tmR6dtTiDk99cYZsxU7d0Cmyjiu6f3&sai=AMfl-YRn5jbgGiF7XT9PXcY8aGj58sWBIfI9WPqwFaD6ZpC0O5RDGJIcO49i6BEOvLBCwyiHVNlfNOjOMwAvCu8YTGyni4XtrjjE4LOE9p4frtKTRpYC4VBipWtfeA68aY-f51otOqBtrGLXn2jn&sig=Cg0ArKJSzLsSBeKe66VjEAE&cid=CAQSSwBpAlJWTr-OiCKHnPlCk94EGwl42d6qppRK4c-o2a4EFh4IslmqteRkstN0K66Lx2cDUUB6AAftpp3qC_gZtRhaWO_M1aZCk6KifhgB&id=lidar2&mcvt=1006&p=285,995,885,1295&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20230712&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3400365515&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689336802437&rpt=884&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=1901676568815314&bg=!hYalhtLNAAb90kgr3dI7ADkAdvg8WnngQBnPbkinzf1O00ArYhMJdvHYibyeoVoS09Wz2ngPdGNwA-NWFbB79nHdNyRKSdm5Sd0CAAAAc1IAAAANaAEHmQKk9Ms8AbqC2fU1ybtpU0ylKCm1TB7DOudcr-E5bmrIHYwgYsw4NNqouUzrYB6KXyBIv4QKogHgKhssRI3Z08wsWmeva-MSKqiSTlJujp2bgShPyvtZtIcNcu7h1O552lGQc-8Nb_gJxqtJH6qA5USkTjPvv0FfySmdNd2Rayw1yGYN0udd8aNF_837t98XCd543GVoBO1TatYw2NiDue_WSOuWdiDYowfP1585bxqgRVDkvJGmYkxmBINnr2FE71nMmgvE7121G9X2YRP_UuwzNyja3U-GchGakJFLU19bHyROYgoLMOBgupkYizrJJ365ssAugBwlC9EZOQfNV6J8R4oDwaWFitjVrfCmMXCb5QzWEVmOshxZ5ZmMkkzW-8yTG8xijDu9sXetvvZl-fQKtoAqRLzvqmIxqag2jGngHQ5d5bLHuCMqy4esJZIatP_i97dxL6tkJaRdzShwxv8dfgQqh4vXQ6thGjju4SbjH-xcoNQt5yaf83mzoUqIXW72n55XWry6CR5jw5KFqngP8QHcNmUDymYazQp8_xtZTbL7XS_kPjAJxmDXWaEQla48uEY6WKQ_fM0vPiLBfa7Obxek0TODaB0iAGp9M0vM-LaIarI7dg2iaTkA7l0Sqt-T7xJtZh5YOSihQ3DTWsGYNx3AyBnV57n1oB1gLf9qFtdxN0a_T4oHgsg32DyU_nIe_B6nvG80FcC96HJ7teG3H_TlnNnupDtddKHCfYN-UlGxOI-zKaeltjkPMhHtRUCoSrqVoI-tTwgUyhKjW-rPmZ1ZhFdoY1d9qOAbB-kaiN6ziBkwW546dIYpDfC5gl6OF47JhNo67m-D3P5STgtbySBvH0LiMD1lZOOvOR8BRx3UgBS0TYa8P8bRM3r9h_M46I6xoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 iac_script.js Show response
novy.tv/wp-content/plugins/integration-api-clobbi/js/ 3 KB
2 KB 66ms
66ms Script
application/javascript 2606:4700:20::681a:e0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novy.tv/wp-content/plugins/integration-api-clobbi/js/iac_script.js?v=1.0.1
Requested by: Host: novy.tv
URL: https://novy.tv/wp-content/plugins/integration-api-clobbi/js/iac_ajax.js?ver=1.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ac3a1886c0d68a8d16988f0aa18d37b47e68cd758daa1fd5fced5bd3ce83c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 12:13:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43725975
cf-polished: origSize=4086
cf-bgj: minify
last-modified: Wed, 23 Feb 2022 10:00:27 GMT
server: cloudflare
etag: W/"621605bb-ff6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQvZfyCkTwKEFlkbDANGfQ%2F0UUxuX8czzooc8tbVQCLlskQvqb4lcVJBL71K1R9OCln%2FQfjq1bhJAaJlLD8UAQ7AZmNn%2Fzm8B4lXqqS1LdErCWKjCi3JpLEquMeW82b7D6pOMS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e69adf5ecce9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK vpaid-event
aux-log2-sh.adtelligent.com/ 43 B
283 B 87ms
87ms Ping
image/gif 107.151.2.114
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://aux-log2-sh.adtelligent.com/vpaid-event?event_type=91&v=2.7.204&t=js&adId=0671B614CE72B4EA&aid=806471&sid=%D0%A1&width=660&height=371&sv_content_id=455285&env=desktop&country=61&is_secure_frame=false&domain=https%3A%2F%2Faidheps24.space&tte=3002&cmpId=
Requested by: Host: aidheps24.space
URL: https://aidheps24.space/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.151.2.114 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://aidheps24.space
Date: Fri, 14 Jul 2023 12:13:24 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 505 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d670f713a1d1a29402ae80d219043b0e2e5dea0f22d8708162db46a52d1439

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 21ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-H6NKLEHBT8&gtm=45je37c0&_p=1316124108&cid=1938475494.1689336801&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1689336801&sct=1&seg=0&dl=https%3A%2F%2Faidheps24.space%2F&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&en=adblock&ep.adblock_status=false&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6NKLEHBT8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 16ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E7X8YLE29N&gtm=45je37c0&_p=1316124108&cid=1938475494.1689336801&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1689336801&sct=1&seg=0&dl=https%3A%2F%2Faidheps24.space%2F&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&en=adblock&ep.adblock_status=false&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E7X8YLE29N&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 25ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-S98PZYR0WM&gtm=45je37c0&_p=1316124108&ul=en-us&sr=1600x1200&cid=1938475494.1689336801&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&_s=2&dl=https%3A%2F%2Faidheps24.space%2F&dt=%D0%93%D1%80%D0%BE%D1%88%D0%BE%D0%B2%D0%B0%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%20ACTED%3A%20%D1%8F%D0%BA%20%D0%BE%D1%82%D1%80%D0%B8%D0%BC%D0%B0%D1%82%D0%B8%2C%20%D1%82%D0%B0%20%D1%85%D1%82%D0%BE%20%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B8%20%7C%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%B9%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB&sid=1689336801&sct=1&seg=0&en=undefined&_ee=1&ep.event_category=premium%20banner&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S98PZYR0WM&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aidheps24.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 12:13:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aidheps24.space
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 43ms
42ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 14 Jul 2023 12:13:26 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 41ms
41ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=AAFAA763218441B79F710C7FE7573A1F&time=1689336806786&location=https%3A%2F%2Faidheps24.space%2F&referrer=&is_flash=0&session_id=285876315&version=3.5.357_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=4368&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://aidheps24.space/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Jul 2023 12:13:26 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/fonts/Inerta-Medium.woff

Domain: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/fonts/Inerta-ExtraBold.woff

Domain: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.woff2

Domain: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.woff

Domain: novy.tv
URL: https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.ttf

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=421D1484-8304-4307-8AD8-4A032C2539E2

Domain: novy.tv
URL: https://novy.tv/wp-admin/admin-ajax.php

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.piano.io/	1970-01-20 13:15:38	Name: __cf_bm Value: w2E5.cbtPwtD6D9GnFNxpFH.I3MygZhlLrDaWoJUe7U-1689336800-0-AcfSC/7r+CLnfHVIaKIWihHBWWcd9tH+Q+6QGrIXYlP4WqXOR3wh/B2CSqPTxY3Zs40yLYEXDFisFkgeyCsUPc8=
aidheps24.space/	1970-01-20 13:16:19	Name: __io_uh Value: 1
aidheps24.space/	1970-01-20 22:02:39	Name: __io Value: 59e95c131.445cf1cba_1689336800774
.aidheps24.space/	1970-01-20 22:51:36	Name: _ga_H6NKLEHBT8 Value: GS1.1.1689336801.1.0.1689336801.60.0.0
.aidheps24.space/	1970-01-20 22:51:36	Name: _ga_E7X8YLE29N Value: GS1.1.1689336801.1.0.1689336801.60.0.0
.aidheps24.space/	1970-01-20 22:51:36	Name: _ga Value: GA1.2.1938475494.1689336801
.aidheps24.space/	1970-01-20 13:17:03	Name: _gid Value: GA1.2.2037483514.1689336801
.aidheps24.space/	1970-01-20 13:15:36	Name: _dc_gtm_UA-27719526-1 Value: 1
.aidheps24.space/	1970-01-20 13:15:36	Name: _dc_gtm_UA-27719526-4 Value: 1
.aidheps24.space/	1970-01-20 13:15:36	Name: _gat_UA-27719526-1 Value: 1
.aidheps24.space/	1970-01-20 13:15:36	Name: _gat_UA-27719526-4 Value: 1
aidheps24.space/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1689336801240%2C%22visitNumber%22%3A1%7D
aidheps24.space/	1970-01-20 22:02:39	Name: pnespsdk_visitor Value: 5oqnu3w3w1akc0am
aidheps24.space/	1970-01-20 13:58:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.aidheps24.space/	1970-01-20 22:01:12	Name: _pubcid Value: fd55e9fd-ce93-4e5d-be6d-12d47cfc7943
.tt.onthe.io/	1970-01-20 13:17:03	Name: io_uidd51792b4d5f7e5523e2fa6df873e8051 Value: 14
.tt.onthe.io/	1970-01-20 19:37:12	Name: io_user_hash Value: 59e95c131.445cf1cba_1689336800774
.bidr.io/	1970-01-20 22:44:10	Name: bito Value: AAB2i07JYngAACBWHWe_cQ
.bidr.io/	1970-01-20 22:44:10	Name: bitoIsSecure Value: ok
.aidheps24.space/	1970-01-20 22:01:12	Name: _hjSessionUser_2348859 Value: eyJpZCI6IjI3ZmNjZDIwLWE0Y2YtNTRmNC04ZjJmLWUwZTQ0ZjAwNjg3ZCIsImNyZWF0ZWQiOjE2ODkzMzY4MDE0NTMsImV4aXN0aW5nIjpmYWxzZX0=
.aidheps24.space/	1970-01-20 13:15:38	Name: _hjFirstSeen Value: 1
.aidheps24.space/	1970-01-20 13:15:36	Name: _hjIncludedInSessionSample_2348859 Value: 0
.aidheps24.space/	1970-01-20 13:15:38	Name: _hjSession_2348859 Value: eyJpZCI6IjdmOWNhOTUyLWQ1OGEtNDA0Zi1iZWJhLTViMThjZDM4NWM0YiIsImNyZWF0ZWQiOjE2ODkzMzY4MDE0NjcsImluU2FtcGxlIjpmYWxzZX0=
.aidheps24.space/	1970-01-20 13:15:38	Name: _hjAbsoluteSessionInProgress Value: 1
.aidheps24.space/	1970-01-20 22:44:24	Name: __gfp_64b Value: SGZ3rPTi3xev5SPqa_cMoiJleEydH7_DXyeElxbLOL7.p7\|1689336801
.hit.gemius.pl/	1970-01-20 13:25:41	Name: Gtest Value: KlS7rRGGQMQGaaEGM8m_abiUssGMXP8c25nSGLl1eQDRXBG.
.aidheps24.space/	1970-01-20 22:51:36	Name: _ga_S98PZYR0WM Value: GS1.2.1689336801.1.0.1689336801.60.0.0
.adtelligent.com/	1970-01-20 14:44:53	Name: vmuid Value: 88a2616db2da27e3
.hit.gemius.pl/	1970-01-20 22:44:24	Name: Gdyn Value: KlxtCMMGQMQGaaEGM8m_abiUssGMXP8c25nSGLl1eQDRFRxSG7RrGS6GxsltFlMMYH7hRjBGqSRxSG8.
a4p.adpartner.pro/	1970-01-20 14:42:00	Name: apuid Value: c4de7f4f-eed1-4a82-b6d3-ebfb50cd3523
.pubmatic.com/	1970-01-20 22:01:12	Name: KADUSERCOOKIE Value: 421D1484-8304-4307-8AD8-4A032C2539E2
.pubmatic.com/	1970-01-20 15:25:12	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 15:25:12	Name: DPSync3 Value: 1690502400%3A245_241_235_201
.pubmatic.com/	1970-01-20 15:25:12	Name: SyncRTB3 Value: 1690502400%3A13_54_251_71_220_21_56_46_161%7C1690588800%3A35
.doubleclick.net/	1970-01-20 22:37:12	Name: IDE Value: AHWqTUkJAV218AGJGSkQBdzGxbtKRPfFUCtFv7800UVcnpGa3TnMLWeUGAVJx-9Zv6g
.doubleclick.net/	1970-01-20 13:15:37	Name: test_cookie Value: CheckForPermission
.weborama.fr/	1970-01-20 22:41:32	Name: AFFICHE_W Value: jxqolKHy6vmP81
.rfihub.com/	1970-01-20 22:37:12	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrU0NzczMDUyshDiM9QN8MoIKvCKD3b0L8gAAPEB3gglAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrU0NzczMDUyshDiM9QN8MoIKvCKD3b0L8gAAPEB3gglAAAA
.rfihub.com/	1970-01-20 22:37:12	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFpbGxmYWBkbGIJAMzcLukQAAAA
.adform.net/	1970-01-20 14:00:15	Name: C Value: 1
.de17a.com/	1970-01-20 21:54:00	Name: guid Value: 1.5815451935532111623
.simpli.fi/	1970-01-20 22:02:39	Name: suid Value: 4BD7C9DDA5D1423B98DFEC1F42A4ECD0
.adtelligent.com/	1970-01-20 14:44:53	Name: a558003 Value: 421D1484-8304-4307-8AD8-4A032C2539E2
.adtelligent.com/	1970-01-20 14:44:53	Name: a307558 Value: c4de7f4f-eed1-4a82-b6d3-ebfb50cd3523
.adnxs.com/	1970-01-20 15:25:12	Name: uuid2 Value: 8042858467766948337
.pubmatic.com/	1970-01-20 13:58:48	Name: KRTBCOOKIE_336 Value: 5844-5815451935532111623
.pubmatic.com/	1970-01-20 13:58:48	Name: PugT Value: 1689336801
.pubmatic.com/	1970-01-20 15:25:12	Name: KRTBCOOKIE_18 Value: 22947-5141210825977605228
.pubmatic.com/	1970-01-20 15:25:12	Name: KRTBCOOKIE_80 Value: 22987-CAESEDazza6EZI37FJFVkoC5iHI&KRTB&16514-CAESEDazza6EZI37FJFVkoC5iHI&KRTB&23025-CAESEDazza6EZI37FJFVkoC5iHI&KRTB&23386-CAESEDazza6EZI37FJFVkoC5iHI
.aidheps24.space/	1970-01-20 22:37:12	Name: __gads Value: ID=f21b355326b3dc40:T=1689336801:RT=1689336801:S=ALNI_Ma6nGkWIzrLTYwjoJzV4oaPqEv5RQ
.aidheps24.space/	1970-01-20 22:37:12	Name: __gpi Value: UID=00000c69e831794d:T=1689336801:RT=1689336801:S=ALNI_MYOLUf1vNTO9LPCvTjV8FWynuOgRg
.adform.net/	1970-01-20 14:42:00	Name: uid Value: 6487804213720259050
.adtelligent.com/	1970-01-20 14:44:53	Name: a584890 Value: 5216369895775830525
.amazon-adsystem.com/	1970-01-20 19:32:53	Name: ad-id Value: AytD4nLF1E6stm89IqZXVv0
.amazon-adsystem.com/	1970-01-20 22:51:36	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 13:58:48	Name: KRTBCOOKIE_391 Value: 22924-6487804213720259050&KRTB&23263-6487804213720259050&KRTB&23481-6487804213720259050
.adtelligent.com/	1970-01-20 14:44:53	Name: a297253 Value: 8042858467766948337
aidheps24.space/	1969-12-31 23:59:59	Name: IdealmediaStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1392473%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221689336803035%22%7D%7D
.doubleclick.net/	1970-01-20 13:15:40	Name: DSID Value: NO_DATA

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://aidheps24.space/(Line 1154) Message: Access to font at 'https://novy.tv/wp-content/themes/novy-2018/fonts/Inerta-Medium.woff' from origin 'https://aidheps24.space' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://novy.tv/wp-content/themes/novy-2018/fonts/Inerta-Medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://aidheps24.space/(Line 1303) Message: Access to font at 'https://novy.tv/wp-content/themes/novy-2018/fonts/Inerta-ExtraBold.woff' from origin 'https://aidheps24.space' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://novy.tv/wp-content/themes/novy-2018/fonts/Inerta-ExtraBold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://aidheps24.space/ Message: Access to font at 'https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.woff2' from origin 'https://aidheps24.space' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://aidheps24.space/ Message: Access to font at 'https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.woff' from origin 'https://aidheps24.space' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://aidheps24.space/ Message: Access to font at 'https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.ttf' from origin 'https://aidheps24.space' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://novy.tv/wp-content/themes/novy-2018/fonts/New_Channel_Font-Medium.ttf Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://player.vertamedia.com/outstream-unit/2.11/outstream-unit.min.js(Line 8) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=421D1484-8304-4307-8AD8-4A032C2539E2&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://aidheps24.space/ Message: Access to fetch at 'https://novy.tv/wp-admin/admin-ajax.php' from origin 'https://aidheps24.space' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://novy.tv/wp-admin/admin-ajax.php Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ads.pubmatic.com
ads6.adtelligent.com
aidheps24.space
api-esp-eu.piano.io
autocounter.idealmedia.io
aux-log.adtelligent.com
aux-log.bidmatic.io
aux-log2-sh.adtelligent.com
bb83ece5fa17db7c46f87c88e190049e.safeframe.googlesyndication.com
bootstrap.adtelligent.com
c.amazon-adsystem.com
c.idealmedia.io
c1.adform.net
cdn.onthe.io
cdn.plyr.io
cm.g.doubleclick.net
cm.idealmedia.io
content.adriver.ru
cr.frontend.weborama.fr
d.adtelligent.com
d5p.de17a.com
dis.criteo.com
files.bidmatic.io
files.unocdn.com
gaua.hit.gemius.pl
ghb.adtelligent.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
jsc.idealmedia.io
juke.mmi.bemobile.ua
ls.hit.gemius.pl
match.adsrvr.org
novy.tv
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
pixel.adtelligent.com
player.adtcdn.com
player.adtelligent.com
player.bidmatic.io
player.vertamedia.com
pr-bh.ybp.yahoo.com
region1.analytics.google.com
s-img.idealmedia.io
s.adtelligent.com
script.hotjar.com
securepubads.g.doubleclick.net
segment.prod.bidr.io
servicer.idealmedia.io
simage2.pubmatic.com
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
static-cdn.adtelligent.com
static.adtelligent.com
static.hotjar.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.crwdcntrl.net
tpc.googlesyndication.com
tt.onthe.io
um.simpli.fi
vc.hotjar.io
vplayer.mmi.bemobile.ua
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
a.audrte.com
novy.tv
107.151.2.114
13.225.34.68
142.93.164.216
146.59.30.96
172.217.18.2
178.250.1.9
18.164.52.95
18.66.112.15
18.66.138.185
185.239.172.77
185.83.69.58
193.0.160.131
194.247.175.19
194.247.175.23
194.247.175.25
198.47.127.19
198.47.127.205
2.19.244.232
2001:4860:4802:34::36
213.155.156.167
217.16.18.206
23.227.138.196
2606:4700:20::681a:e0d
2606:4700:21::681b:c358
2606:4700:3033::6815:a27
2606:4700::6810:f015
2606:4700::6811:6b29
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9b
2a05:d018:d29:3601:f3c5:b81c:48d6:4797
2a06:98c1:3120::3
2a0c:5c81:5119::2
2a0c:5c81:5120::2
34.111.129.221
34.111.131.239
35.204.74.118
35.71.131.137
37.157.4.28
37.252.171.53
45.133.44.3
45.133.44.4
51.83.200.186
51.89.9.252
52.222.208.154
52.31.235.128
52.95.118.179
54.154.249.114
54.38.197.123
67.220.182.50
95.216.24.148
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0542a3af2c1612a106460e0978f7d5d81c86856b4662f9343e6bdc917002206a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b8ab9feaf7b2ba9ff2b2546b14e195e071dd2ed3bf0e1991c8daf720cf1ce8
09bbeb1b10e71c0eed00d14a36252b1d7c628b1facc82c113fc6300c6c3461e8
0aa0cd9475282911c184f564385b0b610767109ae4bca64c914af0cbeb722bb4
0af1f9ff5761daa81b6c1cdb1a8cf862ea9348fd2d3610ff9a9b454e8eb033f7
0caab7de2b6d190e7fad15e5e81b2e8130ac073fe1960149c597b9ac12509d1c
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0e3d7902609430e2b5f87914e061e99debec0ee68f09d9618b3426aea7c6dadb
0e5e64cb1d7edb133f7b3dd779be3a51660618d0c8758a5777abda755f5f53da
1009100b2aebabff2e6e0ffb79c4306b6a25bcd5235405497aa5d77b17bafe1b
101349871e92c6f5618fe959579fa68fba8d14659d273d0b61353664c101abc3
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
12644cf829a29c7cc2bcf64628334052367bb6d8593994e4f8c79db146a429b3
12868a14f253a4b0f3adc6b2cc61ccf92d0e6970c7dd34e6eb76cf198ec4d10b
12f2ec54aa38a98d041f5d6b10f14de0edd5512b57b88c2adfc97fcf4d469f43
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
15419e486203a04e4aa782d87a8787fe0f797d892c704dd9ac82cb5d2b1883eb
1552105b34dc0cc63f46f81622d2d904dffe0ba807d4f9972bf77d905a5c5ad3
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18d6a97ae9a38a5a12d21652b74fe31d0dba0409d489b371e49f7f8cb5bb34c5
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b05b4f7169f900d629a82f50f1873fe2d5791ecac5c428f9f2a21b20895ae62
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1fcb8f4cac9358e0d78bca726b0c89dc1df284ce67cd078028f24008e184493e
20ac9dfb9f94ee5d524a89e8858e1caecf0c0634af6af80e11a42d242cebdaee
20aecea986a9492b8b2b217fa9c056f1b916df45afa7905906fd9e58e931188a
21d670f713a1d1a29402ae80d219043b0e2e5dea0f22d8708162db46a52d1439
220a7911dd6de21926674a7aa2ac599513d6a22530676a1d46653feb6c637777
228992710b4ed37f1788745248f2366e4f2cd3a52a7be94367bf028a0c927510
229da7b90b32b138f2dfc8467fea95a0d9a258c9d6abd3750d23a9cb1a082afc
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
24cfd979853ab96df2dc78daeee5d50f7f42042a0a2f6ea2f8acdab7cb0e16a2
262530703d8d0ec8c9b9337a490e7419d8322b4d368c6f339bb759aefd3cc201
266b774ea14d2b5b21615e8915bfabe5be4dc578615fa2976c769a682ef23b56
27ac3a1886c0d68a8d16988f0aa18d37b47e68cd758daa1fd5fced5bd3ce83c7
27cc8125bef6aaade911001792789d0a0aa6f2cd25482280adba7ba797959164
295f7d993b81a1b9f86862835671d1c860ead5afbac19cc20e1b6d3214720517
2a803a843e08672d32a7a99457ff0f2f5d341c99c9a8ea11600f64a67bd744e6
2c2c85754d9483addaf3d128e7b28516f9ec28eb01d0c8de8d9fe6e4498e1628
2c6f0c2e544b26a69e4bce070d3eab8647caf5c92770e2596c14cd28e1aa3f05
2cc14827a35fe2c5fbf563fbe3bc8c20de72431ed27e8ec1b7929f002f21adc1
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d26fb316d4e40b1bbc518fd6f379f2ce289db5ab3fc400bf9c5f59cee0d660
312a693b86d502e6a7bc01f32c68b6570d8fbd732e0418146565d73ebd8b303b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cd494840979936605dbe77a2518a6f3b288c1e656059b964c5e88344520d14
3209c1fc4191f316945ee564f83c7c9c53951300e1f4727a8bc12d075498e0f9
3276b06ea1089d982269d3fa40953de6c073348f7e902825cc6bf46b57a5891a
33c082602225b5a8142f6e283c400a2a1a5729b3ae216a6245c1432f544acfdf
3a3f8974aa85c5aa227588b5fde00bf7a4c2e8f35dac614894f929fb5df15092
3d21f67c3a5cde43c7d762efbc593e52ad1faa5b1d2cc8059a9ade3097bb1338
3de752507391e127ebb736c0ccd43c51e6cc54ece82f6ebeb3e10c766132bd7e
3f45db1868dd27c430cf4c482fc19021007e6a2237e92bfd97cd4976dc96bb5a
3fb9daeeeb9188abe5523ce6cdfaf80a815039053d48d1ba6e46b57902b4f63e
3fdfe2323bbd7714631973620d41fff07d79b1e178d5fe9fc84d4fc61bfebe27
4076cb010aa9cad85860e5fa888747609824b5da0e74c858ef278a02270d95c1
416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39
42e5c6d28787d6a82dc46949ceb042d945d6b1c8ba2ccc901cb3e53856587943
44930603fe7a92f43bcc3f9faa90d1659337109c709db85f148cd23a8fc10772
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e6bea1dfef9d9a4641395e120168d0b5a3cccf93bf8df73a4b9acb654f1924
47f524ee3e804499f68269e403d3b272b7f16d1a87f39bfea7c54d42806876b6
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d684f6c04a0c4fccb9aeaccd2eea14eecf5c5980b2c773d63bd41125114b18
49cc5bc8009a32175ff3b8ff404b186594a80b4933711ba51001243e7ddc3b05
4c4a1e299dff66a5e715ee27974b1c4cc160fe3d7f9a7f32175af325b70be51d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2ae7863db594b125a7daae5b09b601abc0ba00d5e92b8cff4a3fa837c44039
4f42b87a604e0473edd571121cde804cff5513f844a22b23562a28a4d683396e
4f666b264722f0df80a6af095ac71f50a741fe27ef3b2dde247f232542e7e7b4
4fb18464ca8247411c2a298472fe63187e054946cfd825ad711c678fb679ccba
512c5ccde22bbb3698c612695b6d70310c6b39a940b5a1c56f832e7209ac9e43
51d4e7e18526922d26c561051774bab201085dab90e6b71960b3f11e491590ae
5333adc469c59c21aca34d01849c3fd727a03b906b42feefbf85d35964d67594
54539f14d8c5349dee64456777e6d1cfe54b0a2b9d8561bd3e8a67c194b135f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568d1ca43be6a7c3a52ef6ab86b175b49b6637baebd6c05541f0acab6ae5ea8b
5747997d80825cbafcdbe5ab97d7b5502c06b1aae85fed9610845348b3da4d98
58cc61823190fe6cc648d14c521055c3801484b5d74604aaa016e97cbf926775
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
5b30243f7ad109941758c04758acd3a1e91f0a5c4d50e98c419ecf1cb669a384
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5de338dcbd298c9bd97858f7a632dbb581bc0f0893e2a0642cdc2e1aed852590
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6120f09158ac17764458a5250e6d0603f8a7abf27d61fc68409edd32ea7f1fed
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633ec08442e776417d0557e6b58fefff6f99691aa1a4d043ab8a9ae87593b279
65b1d277ad418bd3c1b6b4cea779e1ec47b67743fc3b0e67a9ca3d23c08854cb
66449986d1ee8f220f4a763bdf6d1ace8b447ded98e7e901dd0bbe014691056f
66e716ab4f0a024b0de63c56f89d2eceb75bb3b20b2a9149d919c073428c5db8
68309512702a49c97e6723711ab1d90c2edd53fcb21ee55377cbfcc90a2fc979
68faa1cbc1f4aaf97c674b9acb0e3f5f80f39103d0aeac994547d2f8c0e727c8
6943ba1ec4fbb0a9e8808335a58f9e072289f725a5e69180641684e204fdbaef
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
6a6ce105f68e8e8d0673105cf12766e0990691fe6f30a04b0398de5b30286ff7
6b48d17c9b39ac37a995a6af1990916e9f61ad106662ee3a3313608ef53cbfcf
6c5263bbb83770537d1add11076191723e619b8d94f770a59d31a95aad1bda40
6d81ed152c0fa56b33ba9397574454a01f475ff8b08c6b3bc93cae01870bd6b7
6d99a56c4e6eee8e7d20180889d67482472f80d1ff1c1924f7a24246c6c7be68
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6ef6101ab1deb73807e4fa52359cf2b4df761d3d22259f63d0ba497c8b82eba3
7332057f8d8d4fb54fe25d8f66b6166ea7629421968aa7d58846e5499c688d6d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77d1e01de3e1434eeb84cb1baeda3eb8b6bd85b35189ad15e461c43b88699a6d
7bc5ba0873a298df2d95225387c3d5ea4b529372d840bcfafcad7b51ee8cd7e5
7fd72730bd48ca9fc5c27393bdf5983f432faeb4368acf9de54b8a896751807c
8014d0262bd3fd29a9472e160a179138cf7b89b0d41c4749c4b881545e25baa0
801d1098e7f078d69ac2a579eeb309b171dd595ca85b3a65c3ab6f63419b1475
82a13d78d84bef8c4d761d0d619cbda472dc600f34390bb990fbc2afaf580077
83c334028694d1c537a8614e24adefe1388362f00ed20d0cd1f738a03ca74fc1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88128ad2928b19512a99b3c23b2dc8642c36dad3d3e4e78deb18acce6e4ff8f3
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b9aa3ff6337b49f2547a758e2a91a664df8688b0773024863b04d5f23b9d194
8c372d03973600ab403bf7d014fdcf94d843d86a56808ccedb4f98dc02d78886
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc6e9e4eed8c1a8abc1f19d293d0151e46efaed4005315de255b2cc0da0b476
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8f0085b9c521ff65bb0334663570bdda282acc3efff58559b73cbd7a4a17ecc6
8f493194d3150b2a1cf0d88f63e0e9288c6a8ee24dbf57c171fea74f1ecf01b3
90d4e9c6b62d8719baca9398fda03dc56f1594ad9a2699ccbc6d1727db7b4895
91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036
9215f2ae1aabfcb72341425fc577e854ea6e722398bf890140d1eef0d9a63125
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9552747080259280658a7ca63697792ac23f9eddc1b852af3851fb010469d659
95facd0a35e20a8e183e5c6ff13852b72dd0833464080fe78f31a812e57d87d7
9768a8cc948c2859128f4846caf379f6e316a6e55c015026e75cf9b4124a6465
98b2de1a49c001373789ce86503a472c35b6032e351aa17e02c8ba2ac1049a65
98b3b368e44e38610d084b446e8a43dc3798cbbf1aac0309ccffb8714657a371
9b116862ec4708442f8370c88059030fccde5bb57cb9d7196d2616c8e19bacda
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9caee07982b6c9a8ee3b0d35849d95f7d18d537cbf48294bc77653ee704f897f
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9d07dcb5aa030c311fa7e40bc145a189a1440e931d9778da77421416bac34007
9d29d39690951c8d48da734f2319f2307e1d33a2b4aba8e98736f8fb3e625594
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a170a2136ac35a9346cfedb12eb6e6dd61aa5d08ee556c80333976f4aeccecb3
a17849020104496ae6d637af0909e5c3be4482df8867099c29d25176ee60a2ab
a23a47b558ec8546ae92b26295eed1365a54c5004521cde80b6eb4d29d6a0391
a27a1f7450bb503666d615f618632215bc48e2cd8d8e41f48b7ce7c049890de4
a306f3150c0a470666c2c670c42fdc5fcc3b60a0561886dcd227caabaff80286
a3dc7a7cf4fe184a480b5209c00254d33450ca33adac2992002af1be8b80fd6f
a647ffb391ee312ecaf646b14d0b60a004c8b60e17870ac28facc319b53955f2
a83e4bb2a98df95ee3291e06a76024c79b62aeb2b2c111d34cc84c5af241d0e4
a8e6e3bae7ae349523b4fdbfc22654ca1db55fa81e928650dd0d8be49fc5d04d
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
abeb7875c9a50f84249903d4a8353483ab83f0c9fe58038b58d7f2424642ddfc
ae0e75e0758b69888658392531c8fb9d4cbd0312fb875ba0fc027dc217288c96
b3fdcdc090b6ee2977013f8f6ae2d8bd35822211ca1e3037bc05651483979226
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b8953d9f58aae149091d59bdf3aa1ace4ed0eccdd1d2694d0a95628c154c4d16
b9503016f09f37172f52c4bbbe778a5acb80506b615b869787d6e6e5f3e9f330
bae8d1e64afbef0b01473417b125527c1d7e8d92d8bb26c46abbb1877a20422a
bc361f91c39cc5a669735c0dba8bf82e191eb666036a5b797a816708c79116ef
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdfe3a2b1cfc249d20f20867371282841afa1757342ed25421e4c3e0f449c581
bfd5f558a0b6a4fff9b9093d9fd6492cd4cbbdad24e07455be690bf18cc0fcdf
bfe44021bb6e2fcee8a524e22b1c90fdfb8de17f5956b2973b4701e9a80c4689
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c52a2d79fe45ee4b5b24936e37332d78bcce2ae7975facab0e85ce0e0cc91a24
c70070dea8563cf48b07bd826618554ebb5cc1ea6332d024c4697e774c4ce44d
c7e536dccb0560e5570765fd7cff4a66ecadc2b67b3f67163320350da9e4e377
c8330472d7126be4837f77c7604765686082791ef283c920ece712f763e455a3
cd2fa71d9486cbe231abfdb01069ac5af26217c36700a59e5371d631445e6f0d
ce487a64fbd92ab717241ae535b45a8bc008ac7db0fcc43f4033c4086344bd27
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7b10607b8fe2d4eac6c13944705327abb5df3594d5e68331e59eee15f21563
cfac49bec33974b027f5e08c4a7e40a76dca5d3d855b5d260c6eb2e9bdd67e9e
d01256338e3488a4ec8cfd549ac8f6acee628a9f22c79243bb1b08d642a5e274
d1ad40996dd4b8c331c4be156727f769074c37aefb0d26581771f05d891361e2
d241cb12f41e5fdb4a9fd39c077ceab4981b661f861a7023bb40d67a29bd57ac
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d2b1ce13bc5a89421ac7ad2fedce4aac78d94a5ec307526e506332cde6ae92fd
d36317007a5b2a5523c31e36eee382593cf4f2a5b49923f896228c1e6eaa0f7f
d595f2f2c4d32eeb822be8337ae5c2bc4302a7f6b32bbc4b29d4c5b86472eb20
d6f5e121b352df5e977970d17a7f5ebcd7761b5c0f09c7ae6911021e3232de45
d7097fac153159cf580230139aa18e9cb41d69ce9233b5aa2e904e4f74932123
d7912563987cf53dbaa44382a8ebfd5351f811f9015dd7dcb4e914c8274c7ce9
daca2dce2dfa30dc3106ef72d8ed8e26cf92b5d6114f427b7729a3b17708c834
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de84f4a7301d160f204dc2b09c61a25900d51a6f8c8be036dfaf564f572b45fb
df69871d426374758b8981768ef3caa480fb966e1f70e7015051837c005478af
e12febd4dcd08be289fc7e8f615991923809f122e6e2cfed50ec7b1b1a141342
e1a95fe6d4be6f16467a0a7a04c51110a66f610b7d59cf9b716fa34f1543c42a
e24155fd449b27dba478aba31849bd435cfdba27e5f614c4dd5c60f15b7f1778
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59af19807bff44a3534dea77e76e3a367024ef7fb8399927a44337d96d9642c
e6d344931dd0e8b20b80baef0ed288dfa51c62681d21cf691fde47c094057228
e814f25790e51e065d2ddda273639aee2926641f7c4a5ea738e83a240c77e281
e8f47fa9940a6b629911f7e1672f060069ebdfbb7118b2e9da882efff9d26a58
e9cf5f45f23995e94e64211189d13a2ef0df270327732382ffffc2db19135b8f
eadfd9c4747a5049f0c9c1083d399138572d2b1da1df471adb0a0432360f3d3b
ec92b57c994a8fe66e5145e0dcdb6cc0326b512af4b563d44f00ba45b323bb59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f037ad398e68dc00d780b3539ac2e3482838391b808698808703f6ad752b58a3
f1dff87786d29246c729f71d6174c0285ccec4f96ca16621bc894bdbe5d8f46a
f32beddade8548d21e686a2eda947a9f2b0f6d8b70fbb8da85b578d81666e949
f65f31149bb8dc57f8c6cbab63de50c8427541865e400ac3a6c2167f2e502ccf
f66f579deec67acb2aaf8636f81238e82211cc78cf7f88d90b0001ca588a6ce5
f8a37d4bbd62a8a70a1a71afc84a591c29feaf2cf0b2942146517d3afb27016b
f8bb551df9615f4072370a446814f647068734980e2cfb4a9015369a8d73ceb5
fb29b01ad016336a002e5b0453ed017340a5c091ba09ea67439e311162473ab2
fcf1235bc19e00241a816bc74735004001604989a4b67ce858bff71ea6471297
fe3a45122ffb45cdfaf3c9147f0e5407be5a08151b1025fb7eae18f1216da491
fe56d812dfc3dcdc5209a5e4ecbf326eb83b27a8da6bdbd1b96f1d2aae386f61
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

aidheps24.space Open in urlscan Pro 2606:4700:3033::6815:a27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

343 Requests

94 %HTTPS

36 %IPv6

40 Domains

76 Subdomains

53 IPs

12 Countries

3061 kBTransfer

10727 kBSize

60 Cookies

78 Outgoing links

Redirected requests

343 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aidheps24.space Open in urlscan Pro
2606:4700:3033::6815:a27 Public Scan

Screenshot
Live screenshot

Full Image

343
Requests

94 %
HTTPS

36 %
IPv6

40
Domains

76
Subdomains

53
IPs

12
Countries

3061 kB
Transfer

10727 kB
Size

60
Cookies

343 HTTP transactions
21 data transactions