hayat.ba Open in urlscan Pro
178.23.184.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hayat.ba/
Effective URL:
https://hayat.ba/
Submission: On February 07 via api (February 7th 2024, 3:53:08 pm UTC) from US — Scanned from DE

Summary HTTP 388 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 67 IPs in 11 countries across 41 domains to perform 388 HTTP transactions. The main IP is 178.23.184.42, located in Sesvetski Kraljevec, Croatia and belongs to CRATIS-AS CRATIS Ltd., HR. The main domain is hayat.ba.
TLS certificate: Issued by R3 on February 2nd 2024. Valid for: 3 months.

This is the only time hayat.ba was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 93	178.23.184.42 178.23.184.42	61094 (CRATIS-AS...) (CRATIS-AS CRATIS Ltd.)
3	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	18.66.147.69 18.66.147.69	16509 (AMAZON-02) (AMAZON-02)
3	52.222.168.86 52.222.168.86	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	13.32.110.114 13.32.110.114	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.26.8.178 104.26.8.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 13	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c003... 2602:803:c003:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	35.156.69.117 35.156.69.117	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a0c:5c87:524... 2a0c:5c87:5241::2	55081 (24SHELLS) (24SHELLS)
2	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	63.34.44.38 63.34.44.38	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	18.245.47.29 18.245.47.29	16509 (AMAZON-02) (AMAZON-02)
1	89.149.192.245 89.149.192.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
40	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
15 20	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
6 16	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2 12	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
4	162.55.81.174 162.55.81.174	24940 (HETZNER-AS) (HETZNER-AS)
26	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
6	168.119.2.148 168.119.2.148	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:206... 2600:9000:206f:2200:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
388	67

93 178.23.184.42 (Sesvetski Kraljevec, Croatia) 1 redirects

ASN61094 (CRATIS-AS CRATIS Ltd., HR)

hayat.ba	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.168.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-168-86.cdg52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-114.vie50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.178 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.89.210.82 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.69.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-69-117.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.44.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-44-38.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.47.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-47-29.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.66 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.36.155 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.55.81.174 (Friedberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.81.55.162.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 168.119.2.148 (Frankfurt am Main, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.2.119.168.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:2200:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	hayat.ba 1 redirects hayat.ba	1 MB
75	googlesyndication.com 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	487 KB
46	doubleclick.net 17 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	376 KB
36	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6930 cdn.revjet.com — Cisco Umbrella Rank: 6513 pix.revjet.com — Cisco Umbrella Rank: 5747	2 MB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	428 KB
16	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	11 KB
15	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2221	440 KB
13	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	14 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	203 KB
9	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 423 bidder.criteo.com — Cisco Umbrella Rank: 679 mug.criteo.com — Cisco Umbrella Rank: 3123	15 KB
8	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1533 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	390 KB
6	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 625 oajs.openx.net — Cisco Umbrella Rank: 1736 google-bidout-d.openx.net — Cisco Umbrella Rank: 1735 u.openx.net — Cisco Umbrella Rank: 683 setupad-d.openx.net — Cisco Umbrella Rank: 63276	1 KB
5	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 ads.pubmatic.com — Cisco Umbrella Rank: 535 image6.pubmatic.com — Cisco Umbrella Rank: 805	12 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 pixel.rubiconproject.com — Cisco Umbrella Rank: 381 eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477	18 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395	80 KB
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 33615	30 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157	106 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	24 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1664 a.ad.gt — Cisco Umbrella Rank: 1857	5 KB
3	adform.net adx.adform.net — Cisco Umbrella Rank: 4252 cm.adform.net — Cisco Umbrella Rank: 1147	738 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	73 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425 cdn.id5-sync.com — Cisco Umbrella Rank: 857	26 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	7 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 740	350 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 581 eb2.3lift.com — Cisco Umbrella Rank: 412	836 B
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 41849	2 KB
2	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253 prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6599	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	4 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2790	458 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1798	10 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	268 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 4977	2 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1434	376 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1299	6 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 40785	132 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	94 KB
0	setupad.com Failed node.setupad.com Failed
388	41

	Domain	Requested by
93	hayat.ba	1 redirects hayat.ba
40	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com pagead2.googlesyndication.com tagan.adlightning.com tpc.googlesyndication.com hayat.ba
28	tpc.googlesyndication.com	tagan.adlightning.com 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
26	cdn.revjet.com	tagan.adlightning.com srcdoc cdn.revjet.com
20	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net
18	s0.2mdn.net	tagan.adlightning.com s0.2mdn.net 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
16	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
15	tagan.adlightning.com	stpd.cloud tagan.adlightning.com 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
13	ib.adnxs.com	7 redirects stpd.cloud googleads.g.doubleclick.net
12	ad.doubleclick.net	2 redirects 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com tagan.adlightning.com srcdoc
9	googleads.g.doubleclick.net	1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com tagan.adlightning.com
7	1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
7	prg.smartadserver.com	stpd.cloud
7	fonts.gstatic.com	fonts.googleapis.com
6	pix.revjet.com	srcdoc 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com cdn.revjet.com
6	www.googletagservices.com	1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
6	gum.criteo.com	2 redirects stpd.cloud tagan.adlightning.com
4	img01.ztat.net
4	ads.revjet.com	tagan.adlightning.com
4	secure.cdn.fastclick.net	tagan.adlightning.com secure.cdn.fastclick.net
4	securepubads.g.doubleclick.net	hayat.ba securepubads.g.doubleclick.net
3	www.gstatic.com	1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
3	static.criteo.net	securepubads.g.doubleclick.net stpd.cloud static.criteo.net
3	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
3	fonts.googleapis.com	hayat.ba 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
2	eus.rubiconproject.com	stpd.cloud eus.rubiconproject.com
2	www.google.com	1 redirects tagan.adlightning.com
2	cm.adform.net	hayat.ba stpd.cloud
2	image6.pubmatic.com	ads.pubmatic.com
2	ads.pubmatic.com	stpd.cloud
2	id.hadron.ad.gt	cdn.hadronid.net
2	mug.criteo.com	hayat.ba
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	oajs.openx.net	1 redirects hayat.ba
2	prebid.a-mo.net	stpd.cloud
2	prebid-stag.setupad.net	stpd.cloud
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net tagan.adlightning.com
2	id5-sync.com	stpd.cloud
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.jsdelivr.net	hayat.ba stpd.cloud
1	token.rubiconproject.com	eus.rubiconproject.com
1	eb2.3lift.com	stpd.cloud
1	setupad-d.openx.net	stpd.cloud
1	u.openx.net	stpd.cloud
1	a.ad.gt	tagan.adlightning.com
1	google-bidout-d.openx.net	tagan.adlightning.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	pixel.rubiconproject.com	hayat.ba
1	cdn.id5-sync.com	tagan.adlightning.com
1	cdn.hadronid.net	hayat.ba
1	ssbsync-global.smartadserver.com	hayat.ba
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	tagan.adlightning.com
1	lb.eu-1-id5-sync.com	stpd.cloud
1	ghb.adtelligent.com	stpd.cloud
1	bidder.criteo.com	stpd.cloud
1	hbopenbid.pubmatic.com	stpd.cloud
1	adx.adform.net	stpd.cloud
1	tlx.3lift.com	stpd.cloud
1	prebid-eu.creativecdn.com	stpd.cloud
1	a.teads.tv	stpd.cloud
1	fastlane.rubiconproject.com	stpd.cloud
1	rtb.openx.net	stpd.cloud
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	www.google.de	hayat.ba
1	stats.g.doubleclick.net	www.googletagmanager.com
1	stpd.cloud	hayat.ba
1	www.googletagmanager.com	hayat.ba
0	node.setupad.com Failed	stpd.cloud
388	71

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.twitter.com
www.youtube.com
www.hayat.ba
twitter.com

Subject Issuer	Validity	Valid
hayat.ba R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
stpd.cloud E1	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 41 frames:

Primary Page: https://hayat.ba/
Frame ID: 297D708A2ED467F8E34033FBD2E1AEF9
Requests: 176 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hayat.ba
Frame ID: 16D567E5EBE4A3D1355AD345EE03B1FC
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3D532EBE4441693FB7A3354A3F5A783C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 1320A3B7BF9FB71C41A89D3DA031C1D2
Requests: 2 HTTP requests in this frame

Frame: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3B200DB7559B9460EC7F9FC38E310CAC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 323FCED9CF7F937CFF13CBEBD3F69DAD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hayat.ba
Frame ID: A89C37A1F30969ED9D186EB43ADD2E72
Requests: 2 HTTP requests in this frame

Frame: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04EEE62B0D93B88B6EF1CFB465835CB1
Requests: 20 HTTP requests in this frame

Frame: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1886AE9CC9092A65E0AE6FE6AEDFEDA8
Requests: 20 HTTP requests in this frame

Frame: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F9498550F7927BE9D49ABF29BAC8FF7B
Requests: 15 HTTP requests in this frame

Frame: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DF3C6109CF4EF1F0F0D0A6B95AEC26E4
Requests: 15 HTTP requests in this frame

Frame: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2037ED521477510480DD6833F8B69067
Requests: 7 HTTP requests in this frame

Frame: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F9B5165789F72A220E6E560F28BCCDB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNWXdK8pP_8S0qNZ8OCXUk3_WjuGBqlGzWfUQI8wdysCApzaLeBqm4iGqJjk9vYNTpA5h1S_4DzHZXT028kWcrFG2oLF3sXXpMHmtZ-kwTDk1lY4n6emSVUK6SjiyHjp5rXlEm1M-8XerVTwCz7kB_HlmT4sjWyHcfvb5__P9V01ujDCkC0
Frame ID: A1F72F792FC6E4B12D4681C45F493E56
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BDF1FB9EF985F6AC2C9888EAF9E891B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9191EBB5EC4FFE3B63BEA3574AEC4746
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPB3d4BMAE&v=APEucNWz1FcTPPQLC9GqyyubUIvQdJgvWEzgbCCN4Q4xpj0kXrpKKUAINULlB0uocx_Tdh52p44MAi0jia9p6bbQWlZqsek3ltCtNl5YpuSwL9UXaWCK_wulB78qHJKXXGetiv8u18HHzoinJa24wkiPykyueojqR34wwRKV6oIj5-IuLxYz3xo
Frame ID: 17CA5FF9F4451212AA9ED718F72D0BAA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNX7LQ-pCl0NgabItKDNZT_GkCJdk_MDZKyACE6bIBgq5U6Q62LAoy0O2gU9ImHqBZmLNvl9JicFVSbVPZ9GxbSVKsAzMY9sP7bYm_kVDHK1FAzXtkkuknEtLzaR7nwI1ookhrVYDXY2pu44AwtTRPWUIXEoOxA11s07iF5NHSVrozB4MWg
Frame ID: B7242DB49E59725793A5E2C802583DE1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNW1ysJDnz6KMU3sbxIIIgfjY9Ls75O-IWAV-oIFTN1s1qpQTIEHfxD22r04EQ2RbY1U-NEUF4EwkfpTtFad01u8pMWp53RR1IxbnTN5zmC7fxbRm2lw-mFx3HFsv5zJtK8qV72wfmKfXBcQTPJKuLUkWe6P0_h_JndeCj_kbvVaJueHbcE
Frame ID: AA64EE26DD7414611DFECEDAB8A196AD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DC1359CC85D8FBD6FD267274C736F233
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C9FB5FFBF6541A736B5C3503BC764D52
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCAjIgDEKCehpwDGMHriIYCMAE&v=APEucNWepHjE--XL-WJPvasOcl276PYCU65JgaqeSiyHj5eM9-D631py9m5-y7Mo2PzGO9aMlU2s6ZM_olOzhvOmkN86dFNkOaQuS10Y_8YDJVeVb7qvcag_81PKgjr25H5aDOfPCl1Z9WjQRpCdpB1Lea1VmC1vGyypd5lgUU0QDmwlOGPJMLM
Frame ID: 0F1C2D9D033B2B02EACCBE2400A3040E
Requests: 5 HTTP requests in this frame

Frame: https://setupad-d.openx.net/w/1.0/pd
Frame ID: 80A3ADFA6BA3D91C30FCD840C1C87F6D
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: E0C08F63690D3029F57D3D9DD97D2CFC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA99876B73A1B73%26sp%3D707647%26pb%3D534151%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fhayat.ba%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 70309F18D9007DBDC3D9EDE053613AA5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: A55AC553D3E052F80C774EF9805FABA7
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: ED0ABEE93B87891E78B8680D71D09133
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1CD377545A76E7478F349A2E296D7DF0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
Frame ID: 0CA91954F1DF30D841FBE7B9C14F7989
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
Frame ID: 64A88CCBB12AD4C1407FFC8FFBD280CC
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7ED5D8789C216B404503A3A066739B97
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DCA4025A91BE33D907BB22139BA7E48F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5166569052526308556/index.html?ev=01_250
Frame ID: 006397F1145EAF696334708EB9D30309
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4A4D444CB3376C3EBD3E07128DC5F10B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F3A5A7799C3866BA9948243AEB1037D5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/pOkZermKdcwvcdfsJauNAZYLsZag1OhXX1s4zePfrzc.js
Frame ID: 45CD6D4003AE03B0C475C245CF3F3EDC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5F9729BE4B2B077AF53F8ED9E13B60F0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
Frame ID: 15A0C0F74BBE017BBD7AFF7204F8BB2F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
Frame ID: 82F07C2AB5FD12655292BADD90EA1649
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: 518D11F9779CF4058F579D266A43CD50
Requests: 16 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: B1DA15CBA388E4ED94E7FABC8CEA5B45
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hayat.ba

Page URL History Show full URLs

http://hayat.ba/ HTTP 301
https://hayat.ba/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

388
Requests

92 %
HTTPS

41 %
IPv6

41
Domains

71
Subdomains

67
IPs

11
Countries

6737 kB
Transfer

14795 kB
Size

30
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/HayatMediaBIH
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/HayatMediaBIH
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.twitter.com/HayatMediaBIH
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/hayatprod
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.hayat.ba/gledaj.php
Title: WEB TV: GLEDAJ HAYAT

Search URL Search Domain Scan URL

URL: https://www.hayat.ba/play.php
Title: VIDEOTEKA: HAYAT PLAY

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hayatmediabih/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/HayatMediaBIH?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8LsYbBwRBkPyvGfWYpcCkw
Title: Youtube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hayat.ba/ HTTP 301
https://hayat.ba/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142

https://oajs.openx.net/esp?url=https%3A%2F%2Fhayat.ba%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fhayat.ba%2F&rid=esp&cc=1

Request Chain 156

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hayat.ba&sn=ChromeSyncframe&so=0&topUrl=hayat.ba&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Yi6EwHxLUGtPTGtYMnFCM1Z4d3pFTGZTTWNUNGlpZXdvVm9RUUk3NUM4TzBveE5PQkplM3AvY1JjYnhIbjlLcXZuWnFXVWpTNzN0UGFkV0hzbnlITkx3cWh2UWlJOGgxMUc3Q0lwSXBmOTV0NFZZaG1mZENNUjUzbXV3Wk1CYnVIRDhYNTBoWTc0QW0rT0FXMXJWaXlKQzhtMlhFVmdLT2lKeng4ck40WG1maytEdG84TGFwOHYzWHo0Q0xLWmdyU2QyZlJhNlB5N3FFb1EzNWVJenZhcDA2V3pyMUFRM0tqeXc4ZlNhN1JiZ3gzR2NwWUZxVUY4Nzl6TzZqYnhIQUthZDQ5bHhCdC9TY0RlMVZLTy8yTHkwMEFiQT09fA&cppv=2

Request Chain 177

https://gum.criteo.com/sid/json?origin=publishertag&domain=hayat.ba&sn=ChromeSyncframe&so=3&topUrl=hayat.ba&bundle=CLvtPF9QWVNjJTJGMTJJRVVKMSUyRkhFJTJGempYdE1Ma0NYcmJSMUtGJTJCdVVBRnY1ekFxRkhrTSUyRnNxOHRVZjFCMnhlMUxBV253R0M2OTJZc3prejg1dTl2UjI1VnlNUTdVTzR4NjlRSmduUVA4NXFwU2FpWkg0YmRlclRkR3Z4VmdBbE9LM2pqZnFMbGpTNHFhRlRpQkhhaUUxb1lYU0dRJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=i7xaUnx1ZC9VWWY1NGtJR2pwMWFTVVRKbTgweXcwZHgyaGxYb0Z3cXZ4VUxuekNOV0d6cFBCNHVQUVB2eWs3UHVaYWl4QXFDQ1o4YUxKcFJZeUo1TzZGZzhxTlA4aG5qMUU1cGhkSkFENTI3ejJwVm9LRW9LOUQ1YmtTa09qSmtmUEQzYllnR0tQb3VPUE04N2N1dlhTN1NPOWx3Z1Iwb1ZtYjdCQnM1aUs5cDA3d1hTcCtHN2JXU3NqRDhEb1hmSW5BcFRMWktJZ3NjVEp0a015aStUTjZkaVNDNGZFczgraFlwbU9sUGQzVmRLd2todE93VGpsa2FoeEdIUmpnT1JYMitXUmQ0OEtoYVBiUExEWCtOMUJVK2FaQXBETFFCaG9BbmtkQy9GYWw3U09END18&cppv=2

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

Request Chain 230

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE00VYGGZbgHLwWCKx3Mghg%26google_cver%3D1

Request Chain 232

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

Request Chain 264

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Request Chain 266

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

Request Chain 269

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

Request Chain 270

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Request Chain 271

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

Request Chain 274

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Request Chain 276

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

Request Chain 285

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Request Chain 287

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Request Chain 306

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 350

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181134 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CNmf84TLmYQDFakFVQgd4AkKoA;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181134

Request Chain 357

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506022;dc_trk_aid=548519608;dc_trk_cid=185782224;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181143 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506022;dc_pre=CMqR9YTLmYQDFUf0EQgd1TgONQ;dc_trk_aid=548519608;dc_trk_cid=185782224;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181143

388 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hayat.ba/
Redirect Chain

http://hayat.ba/
https://hayat.ba/

521 KB
81 KB

2835ms
2718ms

Document
text/html

178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 64b814326cfc684df45c6537d55dd24730c411ff0943d45707776c23dc557351

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 15:52:55 GMT
link: <https://hayat.ba/wp-json/>; rel="https://api.w.org/" <https://hayat.ba/wp-json/wp/v2/pages/33>; rel="alternate"; type="application/json" <https://hayat.ba/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 15:52:52 GMT
location: https://hayat.ba/
server: LiteSpeed
x-redirect-by: WordPress

GET
H2 200 style.min.css
hayat.ba/wp-includes/css/dist/block-library/ 108 KB
13 KB 150ms
147ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Wed, 31 Jan 2024 05:50:37 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 13600
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 blocks.style.build.css
hayat.ba/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 173 B
227 B 150ms
148ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.80
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 136cf7e0d9d35b112b1519e512a12767a73e2fe2d73875eedc65a74844332332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Sun, 31 Dec 2023 08:45:25 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 173
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 custom.css
hayat.ba/wp-content/plugins/setupad/public/assets/css/ 325 B
191 B 150ms
148ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/setupad/public/assets/css/custom.css?ver=1.8
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e49c2c96744157adab67436cca21d306312b9fa30c5a510bb774e204361dee6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Fri, 26 Jan 2024 13:30:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 135
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 style.css
hayat.ba/wp-content/plugins/td-composer/td-multi-purpose/ 38 KB
4 KB 150ms
148ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=2542f6ebea260f8fc5fdc19a93688182
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 67e17eded48efd41da15c98b87275c8c4ef6a641859c4f253f0409219bdcad13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4521
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 138 KB
5 KB 180ms
53ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A700%2C800%2C400%7CRoboto%3A900%2C400%7CMontserrat%3A400&display=swap&ver=12.6.1

Requested by

Host: hayat.ba
URL: https://hayat.ba/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e551c29f321da5ebb6313c0f96b9618ce75515b76724d343d84ed8eb4f46176e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 15:52:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 15:52:55 GMT

GET
H2 200 style.css
hayat.ba/wp-content/themes/Newspaper/ 153 KB
24 KB 150ms
149ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/themes/Newspaper/style.css?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e7926dc4d0147b1cf005939a3cef091028d810de29aae9eac958dd8ad4a09f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:42:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 24820
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 style.css
hayat.ba/wp-content/themes/Newspaper-child/ 464 B
259 B 151ms
149ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/themes/Newspaper-child/style.css?ver=12.6.1c
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6b4e9e137a0dd1cfb7da6e2f27925cc446f3b3fc79e05ea90f027f91c9fc485d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 11:21:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 204
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 td_legacy_main.css
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 166 KB
23 KB 151ms
150ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=2542f6ebea260f8fc5fdc19a93688182
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: af3a01e20fbba9da6246a49945791e48be0a7014fbebd42b2f243507aeafd5ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 23964
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 td_standard_pack_main.css
hayat.ba/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 717 KB
57 KB 152ms
151ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=c9508b77873a9bade42bf83161789cd5
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 792180698e17019192621dfb6615fb58b7b158c5bcb9c8e08ee92d51bea79791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:45:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 58572
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 demo_style.css
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/gossip/ 914 B
299 B 202ms
201ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/gossip/demo_style.css?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e76fc56db6a781f7f604b281948d4be6115b7fd1f95d0abc05ca22ec594f8b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 266
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 tdb_main.css
hayat.ba/wp-content/plugins/td-cloud-library/assets/css/ 47 KB
7 KB 202ms
201ms Stylesheet
text/css 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=58af2c94cc275a541409dcdc9b94a2b0
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 82932a8e8382473453096e4dfdd0223611789dafd09182838a79f8e34403b420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6990
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 jquery.min.js Show response
hayat.ba/wp-includes/js/jquery/ 86 KB
29 KB 203ms
203ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Sun, 24 Dec 2023 09:44:33 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 29744
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
hayat.ba/wp-includes/js/jquery/ 13 KB
5 KB 202ms
201ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:22 GMT
content-encoding: br
last-modified: Sat, 12 Aug 2023 07:19:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4678
expires: Thu, 06 Feb 2025 21:52:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
94 KB 151ms
64ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9K00VWKFLJ

Requested by

Host: hayat.ba
URL: https://hayat.ba/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a23e46c6b3d5d0cecb997a08030a7bce86ee23a855b4f44ede37573650b17a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95769
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 15:52:55 GMT

GET
H2 200 in-view.min.js Show response
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 5 KB
3 KB 174ms
55ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js

Requested by

Host: hayat.ba
URL: https://hayat.ba/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5925217
x-jsd-version: 0.6.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230139-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iidcyuBrHWWqIPC5XeSQ2e%2BRLWlQPJIqkPJ6QrMr%2BJkShz337ol7zIuVqUFkSmDpXa5zt4UxVOezA4ZDD5vWoGzwDvc%2FrYNlbV8w3KHDtqNp%2BZxlfYdSBoUFufQgaa%2B5B7MmB2ORmvRADPBRzHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 851ccd8329261e59-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 181ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hayat.ba
URL: https://hayat.ba/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17163514a309a74d5ef535aed787f3be01bc7cfc9a4f94d6645398edf6791761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29570
x-xss-protection: 0
server: cafe
etag: 868 / 19760 / m202402010101 / config-hash: 800832556417968448
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:55 GMT

GET
H2 200 4138 Show response
stpd.cloud/saas/ 499 KB
132 KB 202ms
98ms Script
text/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/4138
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6af2180435149bf32227691a2901979eb6585b64feaf5ee1e9bdecd60d336c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 16:12:55 GMT
date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 15:47:55 GMT
server: cloudflare
age: 300
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 851ccd848fb0693f-FRA
stpdhash: cache

GET
H2 200 hayatlogoSMALL.png
hayat.ba/wp-content/uploads/2023/05/ 13 KB
13 KB 202ms
202ms Image
image/png 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/05/hayatlogoSMALL.png
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b68aa363511b9a822b072c111cfc943c15d0f4ba6721c38f6af363c3e39febf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:14:35 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 12824
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 morbile8957345-356x220.jpeg
hayat.ba/wp-content/uploads/2024/01/ 9 KB
9 KB 202ms
201ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/morbile8957345-356x220.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 70fd0b4df9628ff428df614763317c2ce0232db6fd0c5ffdc2de72ae87f252f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Tue, 23 Jan 2024 11:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 9002
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 isak-fmup-sastanak-0702-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 22 KB
22 KB 203ms
202ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/isak-fmup-sastanak-0702-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8c7dfdef0caac43fa7204ba0f046ae06fb8b7dd463627c5a40191e80e4531379

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 15:05:06 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 22414
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 dodik-2101-356x220.jpg
hayat.ba/wp-content/uploads/2024/01/ 13 KB
13 KB 56ms
55ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/dodik-2101-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e3c77152429eb47000568a8cfb40d46473ce7d29baab4565e20af0870ff53dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Sun, 21 Jan 2024 14:03:39 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13298
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
BLOB 200
OK 2a11cf50-0532-4e80-875b-6d1f3358d1e3
https://hayat.ba/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hayat.ba/2a11cf50-0532-4e80-875b-6d1f3358d1e3
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 setupad.js Show response
hayat.ba/wp-content/plugins/setupad/public/assets/js/ 0
83 B 56ms
55ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/setupad/public/assets/js/setupad.js?ver=1.0
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:41 GMT
last-modified: Fri, 26 Jan 2024 13:30:14 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 0
expires: Thu, 06 Feb 2025 21:52:41 GMT

GET
H3 200 tagdiv_theme.min.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 156 KB
37 KB 56ms
55ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b885670b8d44a105a61e6d2d7ab91ce1069ba87c4bc94e33d2b65910efba0cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:50 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 37701
expires: Thu, 06 Feb 2025 21:52:50 GMT

GET
H3 200 tdPostImages.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 2 KB
645 B 95ms
92ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:22 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 577
expires: Thu, 06 Feb 2025 21:52:22 GMT

GET
H3 200 tdSmartSidebar.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 9 KB
2 KB 95ms
93ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a6eca9fcb49a7b32c8d3bc49371bdae3a3d66d33894b497cdc5297eae4871ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:46 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1841
expires: Thu, 06 Feb 2025 21:52:46 GMT

GET
H3 200 tdSocialSharing.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 3 KB
908 B 97ms
95ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:10 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 840
expires: Thu, 06 Feb 2025 21:52:10 GMT

GET
H3 200 tdModalPostImages.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 9 KB
1 KB 98ms
95ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:10 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1286
expires: Thu, 06 Feb 2025 21:52:10 GMT

GET
H3 200 comment-reply.min.js Show response
hayat.ba/wp-includes/js/ 3 KB
1 KB 138ms
136ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-includes/js/comment-reply.min.js?ver=6.4.3
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:22 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 11:21:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1228
expires: Thu, 06 Feb 2025 21:52:22 GMT

GET
H3 200 js_files_for_front.min.js Show response
hayat.ba/wp-content/plugins/td-cloud-library/assets/js/ 29 KB
6 KB 100ms
98ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=58af2c94cc275a541409dcdc9b94a2b0
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9d51ffab743363599c622d663c66dc987b6538e1342eabb0ede175dbb6863478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:48 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5883
expires: Thu, 06 Feb 2025 21:52:48 GMT

GET
H3 200 ads.js Show response
hayat.ba/wp-content/plugins/quick-adsense-reloaded/assets/js/ 968 B
358 B 105ms
103ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.80
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 935a3dedf56a63b7ae889aa5c8d090135428a8e2d5a40d756120d87c7daa38ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:48 GMT
content-encoding: br
last-modified: Sun, 31 Dec 2023 08:45:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 313
expires: Thu, 06 Feb 2025 21:52:48 GMT

GET
H3 200 tdLoadingBox.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 3 KB
657 B 108ms
106ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a51003115e6640ac72b7a1c6525250bd66ff3cb60f207168c9aef0369c484098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:51:51 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 589
expires: Thu, 06 Feb 2025 21:51:51 GMT

GET
H3 200 tdbMenu.js Show response
hayat.ba/wp-content/plugins/td-cloud-library/assets/js/ 10 KB
3 KB 109ms
107ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-cloud-library/assets/js/tdbMenu.js?ver=58af2c94cc275a541409dcdc9b94a2b0
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: dd65e0acae7b78acd3ba3f1c8232ec07b2232bd8ad5ff865293c171abbe54928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:48 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2841
expires: Thu, 06 Feb 2025 21:52:48 GMT

GET
H3 200 tdAjaxSearch.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 6 KB
1 KB 137ms
135ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:51:51 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1358
expires: Thu, 06 Feb 2025 21:51:51 GMT

GET
H3 200 tdbSearch.js Show response
hayat.ba/wp-content/plugins/td-cloud-library/assets/js/ 6 KB
2 KB 138ms
136ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-cloud-library/assets/js/tdbSearch.js?ver=58af2c94cc275a541409dcdc9b94a2b0
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7c1781abe479d7ea4bb36a3dad324da720c45829b6e8de9d2c8f97e2ea3983ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:51:51 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:19 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1709
expires: Thu, 06 Feb 2025 21:51:51 GMT

GET
H3 200 tdInfiniteLoader.js Show response
hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/ 2 KB
628 B 138ms
136ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/plugins/td-composer/legacy/Newspaper/js/tdInfiniteLoader.js?ver=12.6.1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f2be0d99588fd30f81f9d519e27422142ecb0af1d4ed5bc7e81d4eb32fe99978

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:51:51 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 19:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 606
expires: Thu, 06 Feb 2025 21:51:51 GMT

GET
H3 200 newspaper.woff
hayat.ba/wp-content/themes/Newspaper/images/icons/ 33 KB
33 KB 88ms
88ms Font
font/woff 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-content/themes/Newspaper/images/icons/newspaper.woff?23
Requested by: Host: hayat.ba
URL: https://hayat.ba/wp-content/themes/Newspaper/style.css?ver=12.6.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 84ff5956551fc72f1de653dbcc731847e839614696a06b6fb65bc900993b6c9c

Request headers

Referer: https://hayat.ba/wp-content/themes/Newspaper/style.css?ver=12.6.1
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:49 GMT
last-modified: Tue, 17 Oct 2023 19:42:59 GMT
server: LiteSpeed
content-type: font/woff
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 33384
expires: Thu, 06 Feb 2025 21:52:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 140ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A700%2C800%2C400%7CRoboto%3A900%2C400%7CMontserrat%3A400&display=swap&ver=12.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:10:32 GMT
x-content-type-options: nosniff
age: 74543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:10:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:44:46 GMT
x-content-type-options: nosniff
age: 68889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 20:44:46 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 179ms
97ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:57:01 GMT
x-content-type-options: nosniff
age: 75354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:57:01 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 236ms
156ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:02:23 GMT
x-content-type-options: nosniff
age: 75032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:02:23 GMT

GET
H3 200 azerbejdzan7220243-696x522.jpg
hayat.ba/wp-content/uploads/2024/02/ 54 KB
54 KB 79ms
78ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/azerbejdzan7220243-696x522.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: dd111969d64cc56fcedff67a9874e35080e33cf189537a931a94466c777f40df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:08:33 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 54941
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 morbile8957345-1068x600.jpeg
hayat.ba/wp-content/uploads/2024/01/ 48 KB
48 KB 78ms
77ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/morbile8957345-1068x600.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 02feedcd4283d7430bbd65d29028bfde8b1e0a043077898249f44795c1199fd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Tue, 23 Jan 2024 11:56:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 49282
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 dodik-2101.jpg
hayat.ba/wp-content/uploads/2024/01/ 64 KB
64 KB 79ms
78ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/dodik-2101.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 50f7208f520fb498a28b7123b922c9229288cf7c3b270c5c441aa84c047f90e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Sun, 21 Jan 2024 14:03:39 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 65027
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 akcija-Consigliere-mup-ks.jpg
hayat.ba/wp-content/uploads/2024/02/ 159 KB
159 KB 79ms
79ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/akcija-Consigliere-mup-ks.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 86f00e302b11b841fdcba0624bb8f665ae2d410cacff90c001ae60b81d839f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 14:21:46 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 163180
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 senad-omanovic-sankasi-12-1068x900.jpg
hayat.ba/wp-content/uploads/2024/02/ 143 KB
144 KB 80ms
80ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/senad-omanovic-sankasi-12-1068x900.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c0ecd932b58294ab2599d9b21128ea71e850b03420157c3d52b5d23c40b47a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:18:33 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 146848
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 157ms
127ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 429214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 140ms
120ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:59:23 GMT
x-content-type-options: nosniff
age: 75212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:59:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 156ms
137ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hayat.ba
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:14:48 GMT
x-content-type-options: nosniff
age: 74287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:14:48 GMT

GET
H3 200 Pirc-Musar-PIXSELL-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 67ms
55ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/Pirc-Musar-PIXSELL-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 014fb7dee5535bdf14139fe965136584184aed742b114aef597df46125520177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 14:35:50 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3169
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 SRBI-IZ-MARTIN-BRODA7220241-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 77ms
65ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/SRBI-IZ-MARTIN-BRODA7220241-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ec4fb46493e3650c9fddf1dd406dfa0d17c3caf113abe94b6e1116aef090b230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:37:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3280
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 statistika-kredit-ilustracija_ddde10b456c63955305b2e51e7e930f9-100x70.jpg
hayat.ba/wp-content/uploads/2023/12/ 3 KB
3 KB 78ms
65ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/12/statistika-kredit-ilustracija_ddde10b456c63955305b2e51e7e930f9-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 06669b8542992d34be3628972c63e1c2793d4062baaa22b55e46acdfec604942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Thu, 28 Dec 2023 11:55:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3174
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 komsic7220241-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 81ms
69ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/komsic7220241-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 56e066a0e6a4295608bf36a02ab71442f3a93ccfc9b1501b85c7558584bf4c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:13:24 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3173
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 Klub-Stranke-demokratske-akcije-SDA-u-Predstavnickom-domu-Parlamentarne-skupstine-BiH-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 82ms
70ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/Klub-Stranke-demokratske-akcije-SDA-u-Predstavnickom-domu-Parlamentarne-skupstine-BiH-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 135e5a3a0453547e21f198b1ab431298f70980339ad914c4fbd0e16254d43979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 12:43:32 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2908
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 PSI-LUTALICE7220242-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 82ms
70ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/PSI-LUTALICE7220242-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8b16bb85247609a3de221bd71a9a26dcb4f78cee75fbee8b6e751a16e49a5091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 12:27:55 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3426
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 zoran-milanovic_329d654dbabbf560787de9aebcb97fdf-356x220.jpg
hayat.ba/wp-content/uploads/2024/01/ 16 KB
16 KB 83ms
71ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/zoran-milanovic_329d654dbabbf560787de9aebcb97fdf-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 83b1808bc3ec41297fee0dde291a7bede0129e0a7cc5b106c9c4301696b0738a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Fri, 26 Jan 2024 19:02:45 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16098
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 policija-hrvatska-1-356x220.jpg
hayat.ba/wp-content/uploads/2024/01/ 18 KB
18 KB 70ms
58ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/policija-hrvatska-1-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6f7db88f64fabe8d2d1e28e202b0a96a4e4a0d7853ccb2be27e755548bf6a8bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Thu, 18 Jan 2024 07:45:14 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 18671
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 ivan-pernar7229241-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 10 KB
10 KB 71ms
59ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/ivan-pernar7229241-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a1ba824aa210d5a76e824133be644d1094bc96f93cd0e029f0d1b61bd9df9e55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 12:58:32 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10005
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 FILIP-JOCIC7220241-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 71ms
60ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/FILIP-JOCIC7220241-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0b8945adf6601a2400f6f3c6937640910ec80b27d9179cfa8e33e9b569a3f10e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 12:36:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3187
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 ivan-turudic7220241-100x70.jpeg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 71ms
60ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/ivan-turudic7220241-100x70.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d4a05d91d87e255bf599407d00e4989e4e295a486f0031eec767d40f4c3f881c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 11:44:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3261
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 policija-hitna-pomoc-srbija-100x70.jpg
hayat.ba/wp-content/uploads/2022/12/ 10 KB
10 KB 73ms
61ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2022/12/policija-hitna-pomoc-srbija-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 007ea04e93f84b11ac53c81e4d682a1f80a248eb69ae358a65646be274b93695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:18:21 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 9978
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 KAMION-SE-ZABIO-U-KUCU-I-ULETIO-U-SOBU-GDJE-JE-SPAVALA-DJEVOJCICA-facebook-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 73ms
62ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/KAMION-SE-ZABIO-U-KUCU-I-ULETIO-U-SOBU-GDJE-JE-SPAVALA-DJEVOJCICA-facebook-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0948f56be6e9a79002506e518c06c54e61511886fe54f4eb29567f280a204591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 08:41:44 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2841
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 hvar-.-1-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 90ms
78ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/hvar-.-1-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 836eaea8982a537a79334b80637830bbdbf1c11411a843af9961db21f85d562c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 07:22:52 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2641
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 INFLACIJA-NJEMACKA-1-100x70.jpg
hayat.ba/wp-content/uploads/2022/10/ 3 KB
3 KB 90ms
78ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2022/10/INFLACIJA-NJEMACKA-1-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 286de179916b785507cb2dc05f3dd5ef94330c40365422dc144018112357a1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:19:37 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2621
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 azerbejdzan7220243-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 16 KB
16 KB 90ms
79ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/azerbejdzan7220243-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0ba01710f53c4cc3277b37e7c08c66d09196ac040fabb7bb5370aab7d78b77f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:08:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 15989
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 helikopter-pakistan-356x220.jpg
hayat.ba/wp-content/uploads/2022/08/ 13 KB
13 KB 91ms
80ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2022/08/helikopter-pakistan-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 45836c60d07911460843308376cdac6cbe30e56b7f8cb80fb68baa0b46f8a290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:19:10 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 13638
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 DIJETE-PALESTINE7220241-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 9 KB
9 KB 92ms
81ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/DIJETE-PALESTINE7220241-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: dc682a8d241c40e8f5f42432694c2576dd19b87aab18c4dc7a4a30a0c2a587a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 14:54:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 9554
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 orban838383-100x70.jpg
hayat.ba/wp-content/uploads/2023/06/ 2 KB
2 KB 93ms
82ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/06/orban838383-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fa7f1b1b1cd6d7a6b6a885f39378748b389dfa16a94aa55c5e141e14f72f8ba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:15:28 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1898
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 azerbejdzan7220249-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 93ms
82ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/azerbejdzan7220249-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9d0eb7c13e2d853751066a1ceb24351c5557b0ab7889254e75a8ac777673a74d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:07:24 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3449
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 benjamin-netanyahu-1-100x70.jpg
hayat.ba/wp-content/uploads/2024/01/ 3 KB
3 KB 93ms
82ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/benjamin-netanyahu-1-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9618e45f8b50503732008b1f9f18f9535a1fe54c9973400a06b130b2fa9b7635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Mon, 08 Jan 2024 07:50:25 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2681
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 trump-zatvor-21-100x70.jpeg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 94ms
83ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/trump-zatvor-21-100x70.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ce05a0d6dd0fe77ccb518745836c84e17e4bb70e26a830ff20a08ed38bbb7019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 12:01:22 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2726
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 americki-kongres111020231-100x70.jpg
hayat.ba/wp-content/uploads/2023/10/ 4 KB
4 KB 94ms
83ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/10/americki-kongres111020231-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d322f1b181e54ce8f339eb05fe75da1015dc7e2586953ab99fc786f75584ac8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 11 Oct 2023 18:39:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3695
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 AVION-UNUTRA-2-100x70.jpg
hayat.ba/wp-content/uploads/2023/10/ 3 KB
3 KB 94ms
85ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/10/AVION-UNUTRA-2-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: dbff47271a36fe820103e286232c870b5e35e61ff3c280ec3ae14ef4e78d6648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Mon, 30 Oct 2023 14:08:37 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3195
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 akcija-Consigliere-mup-ks-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 22 KB
22 KB 98ms
89ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/akcija-Consigliere-mup-ks-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 22d84c18e68bb1b5077feafaf53cd895c25f6d38c7c98f6b0f11eeca59537fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 14:21:46 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 22689
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 MUP-KS29120241-356x220.jpg
hayat.ba/wp-content/uploads/2024/01/ 14 KB
14 KB 100ms
90ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/01/MUP-KS29120241-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9b9a8f0dd914699bfa4dae0ae7acb163ea4cc7337c79ea0bcbefaf87f18e4522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Mon, 29 Jan 2024 14:09:17 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 14648
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 dijete-roditelj-ruke-810x540majak-356x220.jpg
hayat.ba/wp-content/uploads/2023/09/ 10 KB
10 KB 101ms
92ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/09/dijete-roditelj-ruke-810x540majak-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 868598347e776c3829b943070da55edfd1484b7de9b7c66e66268c47777bbff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 20 Sep 2023 07:41:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10497
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 banja-luka-policija-akcija-100x70.jpeg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 103ms
94ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/banja-luka-policija-akcija-100x70.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 62b8f18771f7e4918b1dc5cf675e2bc1aa316f5b08516e26103ba368cb018603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 08:50:05 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3262
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 kina-zgrada-12-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 103ms
94ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/kina-zgrada-12-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 84a67ba0aeec788f97b31c7abe19c91154e7da46dbda481cf5cbb662a4e98fee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 08:46:22 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3239
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 napastvovanje-silovanje-1-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 2 KB
3 KB 105ms
96ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/napastvovanje-silovanje-1-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b938efc37455e8dd2975cd80293391cb956ea9e9d2f551631b9a87e42ef8f8cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 08:42:38 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2524
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 Screenshot-2024-02-07-084530-100x70.png
hayat.ba/wp-content/uploads/2024/02/ 17 KB
17 KB 105ms
96ms Image
image/png 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/Screenshot-2024-02-07-084530-100x70.png
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 537db6a5c1651d4f8baa5d70d0811fac1725acd33464fb5b6ab2e7c053b01eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 07:46:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 17700
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 Stefan-Glavic-1-privodjenje-Foto-Sinisa-Pasalic-Ringier-872x610-1-100x70.jpeg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 108ms
98ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/Stefan-Glavic-1-privodjenje-Foto-Sinisa-Pasalic-Ringier-872x610-1-100x70.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a91eb503338209ed142b4cff6c0f2b48225a48ed2ad2290573bb119c778b67c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 07:43:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3161
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 Screenshot-2024-02-07-083335-100x70.png
hayat.ba/wp-content/uploads/2024/02/ 15 KB
15 KB 108ms
98ms Image
image/png 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/Screenshot-2024-02-07-083335-100x70.png
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d69331ade9534ddcc332fbce6e6fe613d1281d7dbbff94a4284006bda717b322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 07:34:20 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 15378
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 senad-omanovic-sankasi-12-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 17 KB
17 KB 109ms
100ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/senad-omanovic-sankasi-12-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 244db8007773ba4a992135005dba7c649f3934012f7cbb1923336c58134a4634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:18:33 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 17565
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 BEGIC7220241-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 19 KB
19 KB 111ms
101ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/BEGIC7220241-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 30d513a8ec41577737b734980100c9721daeecf3e7e9836a539bbe0ac4f0d448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 12:53:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 19533
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 ZMAJEVI27320232-356x220.jpg
hayat.ba/wp-content/uploads/2023/03/ 20 KB
20 KB 112ms
102ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/03/ZMAJEVI27320232-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cc1e5d6b9623887ead82dc2f2b793390ea9ec97264b8e7277b8d60f92199e2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:13:28 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 20002
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 Senka-Ibrisimbegovic-88651cb48cc440b3e894-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 112ms
103ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/Senka-Ibrisimbegovic-88651cb48cc440b3e894-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3beb16c6ec1fad4d504801c764196574b86f56c66f97090de0661f4796d95891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 09:33:56 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3477
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 luka-doncic-1-100x70.jpeg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 113ms
104ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/luka-doncic-1-100x70.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2f57a84565cda791524849542379afdd4971edcb405803ce74c82a192b0eb458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 07:37:22 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2853
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 jusuf-nurkic_7136054397903241152_n-100x70.jpg
hayat.ba/wp-content/uploads/2023/10/ 3 KB
3 KB 113ms
104ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/10/jusuf-nurkic_7136054397903241152_n-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: da4f21baec953cbf45d574375c2d4cfc74f066627848485f059e17b56e6d2e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Thu, 12 Oct 2023 06:54:01 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3422
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 gattuso6220241-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 2 KB
2 KB 113ms
104ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/gattuso6220241-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0536d3be6f4c21ddf0d13d2693fc2fcfecff0992de7f5a70fec81f02cf3add4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Tue, 06 Feb 2024 17:38:03 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2187
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 Fudbalski-savez-Bosne-i-Hercegovine985732903-100x70.jpg
hayat.ba/wp-content/uploads/2023/03/ 5 KB
5 KB 114ms
105ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/03/Fudbalski-savez-Bosne-i-Hercegovine985732903-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ec1812d2f699cc696550cea935924d818d817cf38c1260d4a6ce407dc52bcc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:12:42 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5221
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 toni-sunjic-zrinjski-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 4 KB
4 KB 115ms
106ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/toni-sunjic-zrinjski-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8e741b9754c19e4edc8eef99c8b85bad023692c3618516c220923bc0de471025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Tue, 06 Feb 2024 15:05:58 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3889
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 igman-konjic-saudijska-arabija-ugovor-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 15 KB
15 KB 115ms
107ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/igman-konjic-saudijska-arabija-ugovor-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 148a10a7c5a8ae7ac5465e4a810ba0430bc9a7cacaa7f2e62910058d8ec2b5c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 14:05:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 15031
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 most-pocitelj-radovi1-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 19 KB
19 KB 117ms
108ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/most-pocitelj-radovi1-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9dd0adea489d39e03c6de9019e92dd29363dc246de25943cd4b5b70eb3b3217b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 07:50:40 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 19550
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 Leonardo-Del-Vecchio-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 12 KB
12 KB 118ms
109ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/Leonardo-Del-Vecchio-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 675f2ff69b9cd0d08eac89d365830d9a8ac30a6a6249e719e82223832dc40454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Tue, 06 Feb 2024 08:54:03 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 12092
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 centralna-banka-bih-hayat-2-100x70.jpg
hayat.ba/wp-content/uploads/2022/09/ 4 KB
4 KB 118ms
110ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2022/09/centralna-banka-bih-hayat-2-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f95af4f6e53e5366939315ddfe532a7200fb36e62163b95b855847f141206d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 12 Jul 2023 11:20:51 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4063
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 lopare-2222-100x70.png
hayat.ba/wp-content/uploads/2024/02/ 16 KB
16 KB 118ms
110ms Image
image/png 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/lopare-2222-100x70.png
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5889a5a553b8502e04de5b86586351c08bbf6d4d5eee21deac8b0b8e9e8dfe5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Mon, 05 Feb 2024 08:57:31 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16544
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 wizz-ar-11-100x70.jpeg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 124ms
116ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/wizz-ar-11-100x70.jpeg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: aa43b5e5dc80eb8598a092df1000bb4f8331042191f4d938eb2d359164e34bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Mon, 05 Feb 2024 07:46:10 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3099
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 mirko-pipunic-1-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 124ms
116ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/mirko-pipunic-1-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 11ce102ee7d79bd0a799efc1712f3263a492764c185003bc602b3de9bd3e313a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Sun, 04 Feb 2024 09:23:01 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2915
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 orasi-u-1-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 3 KB
3 KB 125ms
116ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/orasi-u-1-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5bca2d26288afe752682d314bf2f9492e0e169d428f9fcff2d8ead8a2d583ad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Sat, 03 Feb 2024 18:44:06 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3392
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 sarajevo-stan-11-100x70.jpg
hayat.ba/wp-content/uploads/2024/02/ 4 KB
4 KB 124ms
115ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/sarajevo-stan-11-100x70.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d873ae1acedbcf4e2c8707878834d3aea6e0ccde8775aa4802f1bd7ef37f9e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Sat, 03 Feb 2024 18:58:05 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3744
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 efendic9435734324342432-356x220.jpg
hayat.ba/wp-content/uploads/2023/09/ 16 KB
16 KB 119ms
111ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2023/09/efendic9435734324342432-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 650ef1908f682f981d8fb80f7721c72500b89eda18f49063a614c88e0b5afbf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Mon, 04 Sep 2023 18:03:31 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16660
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 SRBI-IZ-MARTIN-BRODA7220241-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 20 KB
20 KB 120ms
112ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/SRBI-IZ-MARTIN-BRODA7220241-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 63d875689582c18d536bdbc33e09f187866e620a171bd7a604bd3fa7d15ccd76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:37:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 20403
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 armin-muzaferija434-356x220.jpg
hayat.ba/wp-content/uploads/2024/02/ 20 KB
20 KB 122ms
115ms Image
image/jpeg 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hayat.ba/wp-content/uploads/2024/02/armin-muzaferija434-356x220.jpg
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 305d8b8852028738ae4679432e363ef5783d5d975023f361cc8950b492445c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
last-modified: Wed, 07 Feb 2024 13:14:22 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 20720
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
hayat.ba/wp-includes/js/ 18 KB
5 KB 55ms
55ms Script
application/javascript 178.23.184.42
CRATIS-AS CRATIS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hayat.ba/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 178.23.184.42 Sesvetski Kraljevec, Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-encoding: br
last-modified: Wed, 12 Jul 2023 11:21:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4651
expires: Thu, 06 Feb 2025 21:52:55 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 436 KB
137 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53216
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139580
x-xss-protection: 0
server: cafe
etag: 9278201123426970819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Feb 2025 01:05:59 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
240 B 135ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9K00VWKFLJ&gtm=45je4250v896637492za200&_p=1707321175638&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=58662235.1707321176&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707321176&sct=1&seg=0&dl=https%3A%2F%2Fhayat.ba%2F&dt=Hayat.ba&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4248
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9K00VWKFLJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 155ms
52ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9K00VWKFLJ&cid=58662235.1707321176&gtm=45je4250v896637492za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9K00VWKFLJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 164ms
76ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9K00VWKFLJ&cid=58662235.1707321176&gtm=45je4250v896637492za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=692659900

Requested by

Host: hayat.ba
URL: https://hayat.ba/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 129ms
41ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhayat.ba%2F&domain=hayat.ba&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hayat.ba
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 07 Feb 2024 15:52:55 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 207178
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 op.js Show response
tagan.adlightning.com/setupad/ 14 KB
7 KB 147ms
40ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/op.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 130391d24e5e878f5eed6b0b166d061f8f03009e6b26d1b5b28af2c8269c14dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 5jkducbW4GJw70dLtJRSABbzvp6h69uu
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 14:54:16 GMT
x-amz-cf-pop: FRA60-P4
age: 3521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6548
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:32:12 GMT
server: AmazonS3
etag: "47edbb275593c932d8eb4f9b75439632"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: UlgtGoa6Vm-UCzQ2Vxwx8kUB0tk1ywn1ftI3RoPDKDf03lJfcr5q0Q==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 286 KB
71 KB 169ms
55ms Script
application/javascript 52.222.168.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.168.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-168-86.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:14:35 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 20:22:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, CDG52-P2
age: 2302
x-amz-server-side-encryption: AES256
etag: W/"ba3382d9d570ac4bd87a011e1fec124d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: jA7ChBY3iZjydGqCl3Dg2wN-yHqSKExwP89qC8sjIGlBecmrUgfo5w==

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
409 B 135ms
39ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hayat.ba
date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
367 B 126ms
42ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhayat.ba%2F&domain=hayat.ba&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 235121
expires: 0

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 91ms
48ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240207

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc4243c6ad514ffdf8f220a84b2c44b8b687e80ae5b236530012846abf754ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42726
x-jsd-version: 1.0.1958
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21983-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63b-T78c0E8QNLywpzVB27heuD3BwPY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWyoT2TDNNl%2FUX0KVR5QtivUVolyQrEVEoazBTG1%2BnbD%2B3B0Oc9vIyEAVhJ8rW3CeTnpODoC%2Ft47x%2FhRZvL3fU9w%2F%2Bdmwg%2BZ4dD6QHb4eK%2FdBkgplStPJl3%2BzkQfMpOTR6HRNKlujgTsC37KH%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 851ccd872e483821-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 187ms
89ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Feb 2024 15:52:56 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 148ms
49ms Script
text/javascript 13.32.110.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-114.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 03:49:39 GMT
content-encoding: gzip
via: 1.1 485f9ba84065b3ff587a6c536942e6c0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 43400
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 1OdbE2ZW1i2caCSORMolTW5aBuIiDETAEvicL8pKa2zpvwZkE7jXFA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 177ms
56ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: da8a4b652d65d2bc2781d1cddc9b30f4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 124ms
45ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2024 21:17:15 GMT
server: cloudflare
age: 399320
etag: W/"65bd5bdb-42d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 851ccd876be3453a-TXL
expires: Sat, 10 Feb 2024 15:52:56 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 143ms
42ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:33:15 GMT
content-encoding: gzip
age: 2240381
x-guploader-uploadid: ABPtcPpacjGVYdvmkZrr5Y-6TW8dDcnVYZkvbJ891nI3DNdtOYYrB6s9Edf7-0Ks_4Cc8-oyUL4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 11 Jan 2025 17:33:15 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 1 KB
1009 B 162ms
62ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79fa940b87b43ef8345830c83a63541658880b5d588f2b2041e45c4c820918e

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXOGBsFxhRFV%2FsxufNtgLb0K9pLZymOguxP2Oi0Cc5lOco3sbz1fhbJaU9waOOUnnhASerD5YfpnnFFhA0RC7fqGX9jh5e9tA0m79QUKN9RL3H66YR2MduHiENrFNuXeQ9xPY%2BpY1QH3"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 851ccd87fed518ef-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 306 B
539 B 369ms
273ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8235cf06504188ba5a15c4d1d64b97fcd1b4219453c4f8784a66238e0b769c4c

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.259.0
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIjFRf3cEpj0wH5oBXOYd088hsVV6uV1PIWScPRIJB12SYu%2BWvCyLZQj%2F2%2F2XsaGufygGnjcigxqLrnUtn24j3Ao0Y8%2F85wpzkTaojfDGc15K4LRhUeFudxnqjwGtmx37F%2FxdfrLUOdV"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 851ccd87fed818ef-FRA
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 802 B
987 B 140ms
44ms XHR
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

c4b3dc7e38494e2997533e63e4ef3c3af845d34e3394a3176adc50b76abc9e22

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
an-x-request-uuid: 9e30e10b-811b-437d-a3d8-57e95f5a27ff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hayat.ba
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
244 B 141ms
49ms XHR
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 538893ecd165d4babf73160d6626e5b72d81470446e8b8434477c8603962a046

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://hayat.ba
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
5 KB 348ms
147ms XHR
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1923074%3B1969856%3B1904018%3B1940846%3B1940846%3B1969856%3B1904018&size_id=2%3B2%3B15%3B9%3B9%3B2%3B15&alt_size_ids=55%3B31%2C55%2C55%2C57%2C78%2C79%2C95%2C152%3B9%2C10%2C16%2C48%2C67%2C72%2C159%3B8%3B8%3B31%2C55%2C57%2C78%2C79%2C152%3B9%2C10%2C16%2C48%2C67%2C72%2C159&rp_schain=1.0,1!setupad.com,2099,1,,,&rf=https%3A%2F%2Fhayat.ba%2F&tg_i.domain=hayat.ba&tg_i.page=https%3A%2F%2Fhayat.ba%2F&tk_flint=pbjs_lite_v7.54.0&x_source.tid=3c69718a-0b31-42e5-b262-cd1efea3539a%3Bdfec33d3-49e0-4356-b11b-60b7aadaed61%3B6a361bad-d8d4-4213-a3b6-56ab2ae5a92b%3B6c348b95-f057-4bff-8821-bf92648e81ed%3Bd769f194-90cd-42aa-a720-3f17ba03c83f%3B4fb0e45a-c749-4b8d-88d0-2f7789a31784%3B0b8e637f-00f8-457b-8023-d496020745c0&l_pb_bid_id=58b63cac2b0757%3B59c9f1198bc133a%3B607918860daa18f%3B616ab5b9b4b8fcb%3B6206336e2b3cb0b%3B63ccb11d406ff93%3B645d39572f76826&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3c69718a-0b31-42e5-b262-cd1efea3539a%3Bdfec33d3-49e0-4356-b11b-60b7aadaed61%3B6a361bad-d8d4-4213-a3b6-56ab2ae5a92b%3B6c348b95-f057-4bff-8821-bf92648e81ed%3Bd769f194-90cd-42aa-a720-3f17ba03c83f%3B4fb0e45a-c749-4b8d-88d0-2f7789a31784%3B0b8e637f-00f8-457b-8023-d496020745c0&rp_maxbids=1&slots=7&rand=0.7165227114009669
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44949313c604b4472ff1ef7fc7834736ab03a3219f96491a70d6ef648fa33b62

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
376 B 208ms
75ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hayat.ba
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 07 Feb 2024 15:52:56 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 153ms
47ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hayat.ba
date: Wed, 07 Feb 2024 15:52:56 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
696 B 146ms
48ms XHR
application/json 35.156.69.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.0&referrer=https%3A%2F%2Fhayat.ba%2F&tmax=800

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.156.69.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-69-117.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
accept-ch: sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme
x-auction-status: 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
527 B 169ms
67ms XHR
text/plain 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
108 B 163ms
48ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hayat.ba
date: Wed, 07 Feb 2024 15:52:56 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 253ms
141ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=53376042990&lsavail=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hayat.ba
date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 311ms
53ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:55 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hayat.ba
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 356ms
49ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hayat.ba
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 310ms
52ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hayat.ba
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 311ms
53ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:55 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hayat.ba
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 311ms
53ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:55 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hayat.ba
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 306ms
49ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hayat.ba
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 309ms
52ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:55 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hayat.ba
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 24 KB
2 KB 579ms
426ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7c634890a4e176223075f050e505be0edd1373ae8148b183ab8c23f65b141e08

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 07 Feb 2024 15:52:55 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://hayat.ba
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1449

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
350 B 163ms
49ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hayat.ba
date: Wed, 07 Feb 2024 15:52:55 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: origin, Accept-Encoding

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
268 B 139ms
40ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

919f91d74202fb6408c6eb48a99a201782925dd380fc694fcba6c46678e0412e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hayat.ba
date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 b-904ac2d-53355591.js Show response
tagan.adlightning.com/setupad/ 68 KB
26 KB 47ms
46ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: kPJhXXWG1Hq0AVBcmSAqAweMN.PW_rtc
x-amz-cf-pop: FRA60-P4
age: 172721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26319
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 15:54:08 GMT
server: AmazonS3
etag: "05e9679509b61424a07cc4d4efb7247f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0a1dVJZ9BTT2FeKBeeIa3CnwEjZKLe_H7j8KS5Psm7_N-gdOe2XV8w==

GET
H2 200 bl-904ac2d-795c7387.js Show response
tagan.adlightning.com/setupad/ 84 KB
36 KB 58ms
57ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-795c7387.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: JiQho.OgJ8dNOUrOzz43NNfuPLcfrr7d
x-amz-cf-pop: FRA60-P4
age: 82721
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36053
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:31:38 GMT
server: AmazonS3
etag: "bc6045bb3bab1183419039f1bf2cec59"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8Q-H353skeOTwrUsM-dOju8pYSkJPaPlUnvN-RGdLU-FbdefdHl1lg==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fhayat.ba%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fhayat.ba%2F&rid=esp&cc=1

85 B
194 B

152ms
151ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fhayat.ba%2F&rid=esp&cc=1
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f96211e10241b6f153e1ef2c6bdffd3d95f5dff303a70fcdd4ebf5665b3bb3d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-+MJhY49Z0WuHR/V5AN46LL3ny/0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hayat.ba
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 07 Feb 2024 15:52:56 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://hayat.ba
location: /esp?url=https%3A%2F%2Fhayat.ba%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
329 B 193ms
59ms XHR
application/json 63.34.44.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.44.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-44-38.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1ca3efafdee5245f13018dd0be34d9474659f4103ddeea204848aae9e5c7a75b

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hayat.ba
cache-control: no-cache
x-server: 10.45.11.46
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 16D5 14 KB
6 KB 49ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hayat.ba

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 351692
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac Show response
config.aps.amazon-adsystem.com/configs/ 564 B
829 B 153ms
52ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9dcdd4dff6dab5e556d07cf571e17a19ce4c7dba8a9b657bee0b9e68b6d5b018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 14:56:05 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3411
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: V-1_c8AUi084ftXaRaWtyBDZRgbEZDcg3R23e9kKpDx2YMVVIAe60w==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 50ms
49ms XHR
application/json 52.222.168.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fhayat.ba&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.168.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-168-86.cdg52.r.cloudfront.net
Software: Server /
Resource Hash: 5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:22:02 GMT
via: 1.1 16a28c0e67da18fa2960e2e414084d76.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P2
age: 12654
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://hayat.ba
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3623
x-amz-cf-id: 9DHHsK1gc2Pb34htPZ2Tfk3ykTLeDjP8oM7-DXFLup-9JUClCcgYEw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
353 B 174ms
79ms XHR
text/javascript 18.245.47.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fhayat.ba%2F&pid=WcwOvnFi3Lrgt&cb=0&ws=1600x1200&v=24.205.1508&t=800&slots=%5B%7B%22sd%22%3A%22hayat_ba_1000x100_anchor_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F272140683%2Fhayat.ba_1000x100_anchor_desktop%22%7D%2C%7B%22sd%22%3A%22hayat_ba_1070x300_top_billboard_desktop%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x500%22%2C%22970x100%22%2C%22970x90%22%2C%22728x90%22%2C%22970x90%22%2C%22980x300%22%2C%221000x200%22%2C%221000x250%22%2C%22970x300%22%2C%22980x240%22%2C%22980x120%22%2C%22970x200%22%2C%22970x188%22%2C%22970x120%22%2C%22950x90%22%2C%22728x100%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F272140683%2Fhayat.ba_1070x300_top_billboard_desktop%22%7D%2C%7B%22sd%22%3A%22hayat_ba_336x600_sidebar_desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22336x600%22%2C%22300x250%22%2C%22336x336%22%2C%22336x280%22%2C%22320x480%22%2C%22336x320%22%2C%22320x320%22%2C%22300x300%22%2C%22320x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F272140683%2Fhayat.ba_336x600_sidebar_desktop%22%7D%2C%7B%22sd%22%3A%22hayat_ba_160x600_siderails_right_desktop%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F272140683%2Fhayat.ba_160x600_siderails_right_desktop%22%7D%2C%7B%22sd%22%3A%22hayat_ba_160x600_siderails_left_desktop%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F272140683%2Fhayat.ba_160x600_siderails_left_desktop%22%7D%2C%7B%22sd%22%3A%22stpd-xlhfv%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22980x300%22%2C%221000x200%22%2C%221000x250%22%2C%22970x300%22%2C%22980x240%22%2C%22980x120%22%2C%22970x200%22%2C%22970x188%22%2C%22970x120%22%2C%22950x90%22%2C%22728x100%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F272140683%2Fhayat.ba_1070x300_between_posts_desktop%22%7D%2C%7B%22sd%22%3A%22hayat_ba_336x600_sidebar_sticky_desktop%22%2C%22s%22%3A%5B%22300x600%22%2C%22336x600%22%2C%22300x250%22%2C%22336x336%22%2C%22336x280%22%2C%22320x480%22%2C%22336x320%22%2C%22320x320%22%2C%22300x300%22%2C%22320x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F272140683%2Fhayat.ba_336x600_sidebar_sticky_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C2099%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.47.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-47-29.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
via: 1.1 3d95fd99ed5f07db9d464a35af433056.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://hayat.ba
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: bTgYyZ_XHwK3pDOrQyNlrd5EaxpIeV7NfIVltb_03kfa2ZVJavWzWg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 149ms
52ms XHR
application/javascript 52.222.168.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.168.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-168-86.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d0229dbe69f77738f3ccab386a045ad8.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 03:10:51 GMT
x-amz-cf-pop: CDG52-P2
age: 45725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Yj8M3LhYz99eJKfzwiuKcxtixquPbrbITKNul8MlrMpG_YvJhc7yOQ==

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ 0
45 B 211ms
39ms Image
text/plain 89.149.192.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-length: 0

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ 251 B
525 B 139ms
40ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a86c6d5bd2df6bb68c3fea0f150874b634289d3d1b0e3d5268fb5ca7be9598bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hayat.ba
date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 160ms
40ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 07 Feb 2024 16:07:56 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 52ms
52ms Script
text/javascript 13.32.110.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-114.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 02:12:53 GMT
content-encoding: gzip
via: 1.1 485f9ba84065b3ff587a6c536942e6c0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 49596
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: _Cu6c7PRS8MuZEDZF9NMJRu7tMGs4OqXPY9r_nXSV89nDZjauPM8QA==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 175ms
53ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fhayat.ba%2F&ref=&_it=amazon&partner_id=533
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01C975WVAA3JDKHJ
age: 6048
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 851ccd89aab55c92-FRA
x-amz-id-2: hxb2Br8vf2uBBniSeqakgjztWKIPtATtD6bN1gV+n3Vg6mNMl2rDRQL+gF8pDyHWIII6UuGjSsI=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 87 KB
25 KB 153ms
54ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jan 2024 10:08:32 GMT
server: cloudflare
x-amz-request-id: 9STWTG5Y13902A0H
age: 3143
etag: W/"e88c8a94cbeb20543c62bf06c653a335"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 851ccd897df5bb8c-FRA
x-amz-id-2: EAuS+XjpI4/+yiZzASYiD3h+O46067kCsGEuHLc/UB9FNz7cceFLnjitSCzqt20+s00rSVX/oEAAMYfYGu/YCg==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 159ms
39ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Wed, 07 Feb 2024 16:07:56 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 16D5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hayat.ba&sn=ChromeSyncframe&so=0&topUrl=hayat.ba&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Yi6EwHxLUGtPTGtYMnFCM1Z4d3pFTGZTTWNUNGlpZXdvVm9RUUk3NUM4TzBveE5PQkplM3AvY1JjYnhIbjlLcXZuWnFXVWpTNzN0UGFkV0hzbnlITkx3cWh2UWlJOGgxMUc3Q0lwSXBmOTV0NFZZaG1mZENNUjUzbXV3Wk...

441 B
653 B

43ms
43ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Yi6EwHxLUGtPTGtYMnFCM1Z4d3pFTGZTTWNUNGlpZXdvVm9RUUk3NUM4TzBveE5PQkplM3AvY1JjYnhIbjlLcXZuWnFXVWpTNzN0UGFkV0hzbnlITkx3cWh2UWlJOGgxMUc3Q0lwSXBmOTV0NFZZaG1mZENNUjUzbXV3Wk1CYnVIRDhYNTBoWTc0QW0rT0FXMXJWaXlKQzhtMlhFVmdLT2lKeng4ck40WG1maytEdG84TGFwOHYzWHo0Q0xLWmdyU2QyZlJhNlB5N3FFb1EzNWVJenZhcDA2V3pyMUFRM0tqeXc4ZlNhN1JiZ3gzR2NwWUZxVUY4Nzl6TzZqYnhIQUthZDQ5bHhCdC9TY0RlMVZLTy8yTHkwMEFiQT09fA&cppv=2

Requested by

Host: hayat.ba
URL: https://hayat.ba/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f472dd52d6f65b4b97bc36b487d50947f3f6d60ea051857c0a0f914b8eb06fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1210731
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Yi6EwHxLUGtPTGtYMnFCM1Z4d3pFTGZTTWNUNGlpZXdvVm9RUUk3NUM4TzBveE5PQkplM3AvY1JjYnhIbjlLcXZuWnFXVWpTNzN0UGFkV0hzbnlITkx3cWh2UWlJOGgxMUc3Q0lwSXBmOTV0NFZZaG1mZENNUjUzbXV3Wk1CYnVIRDhYNTBoWTc0QW0rT0FXMXJWaXlKQzhtMlhFVmdLT2lKeng4ck40WG1maytEdG84TGFwOHYzWHo0Q0xLWmdyU2QyZlJhNlB5N3FFb1EzNWVJenZhcDA2V3pyMUFRM0tqeXc4ZlNhN1JiZ3gzR2NwWUZxVUY4Nzl6TzZqYnhIQUthZDQ5bHhCdC9TY0RlMVZLTy8yTHkwMEFiQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 293105
content-length: 0
expires: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/ 0
239 B 177ms
44ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 39ms
39ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Wed, 07 Feb 2024 16:07:56 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
329 B 59ms
59ms XHR
application/json 63.34.44.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.44.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-44-38.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2156038eff7d2881ac962201614eac0c8c90dcd1fc9de423f8895cf4da9012bb

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hayat.ba
cache-control: no-cache
x-server: 10.45.10.199
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 93 B
308 B 152ms
151ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=hayat.ba&url=https://hayat.ba/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fhayat.ba%2F&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 153816163995b97109a94c93feb2822e5bba0a8a61e3a9ed57d2c4ae0971ad21

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Feb 2024 15:52:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 851ccd8bbaa69256-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 271ms
142ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=hayat.ba&url=https://hayat.ba/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hayat.ba
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 851ccd8ad97d9256-FRA
content-length: 0
content-type: application/json
date: Wed, 07 Feb 2024 15:52:56 GMT
debug: OPTIONS block
expires: Thu, 06 Feb 2025 15:52:56 GMT
server: cloudflare

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
458 B 205ms
43ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://hayat.ba
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Wed, 07 Feb 2024 16:22:56 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 3D53 199 B
298 B 170ms
51ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Wed, 07 Feb 2024 15:52:56 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1320 16 KB
6 KB 148ms
47ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=60134
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 08 Feb 2024 08:35:10 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 563 KB
152 KB 695ms
695ms Fetch
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2104438410499588&correlator=3090174804902069&eid=31079234%2C31080338&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fifs&iu_parts=272140683%2Chayat.ba_1000x100_anchor_desktop%2Chayat.ba_1070x300_top_billboard_desktop%2Chayat.ba_160x600_siderails_left_desktop%2Chayat.ba_160x600_siderails_right_desktop%2Chayat.ba_336x600_sidebar_desktop%2Chayat.ba_336x600_sidebar_sticky_desktop%2Chayat.ba_interstitial%2Chayat.ba_1070x300_between_posts_desktop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90%2C970x250%7C970x500%7C970x100%7C970x90%7C728x90%7C970x90%7C980x300%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x188%7C970x120%7C950x90%7C728x100%7C728x250%2C160x600%7C120x600%2C160x600%7C120x600%2C300x600%7C336x600%7C300x250%7C336x336%7C336x280%7C320x480%7C336x320%7C320x320%7C300x300%7C320x250%7C160x600%2C300x600%7C336x600%7C300x250%7C336x336%7C336x280%7C320x480%7C336x320%7C320x320%7C300x300%7C320x250%7C160x600%2C1x1%2C970x250%7C728x90%7C970x90%7C980x300%7C1000x200%7C1000x250%7C970x300%7C980x240%7C980x120%7C970x200%7C970x188%7C970x120%7C950x90%7C728x100%7C728x250&ifi=1&sfv=1-0-40&ists=2&fas=0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707321176823&lmt=1707321176&adxs=0%2C266%2C0%2C1440%2C-9%2C-9%2C-9%2C266&adys=7178%2C172%2C689%2C689%2C-9%2C-9%2C-9%2C1243&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C2&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhayat.ba%2F&vis=1&psz=1600x7177%7C1068x100%7C1600x0%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C1068x100&msz=1600x0%7C1068x100%7C160x0%7C160x0%7C0x-1%7C0x-1%7C0x-1%7C1068x100&fws=0%2C4%2C4%2C4%2C2%2C2%2C2%2C4&ohw=0%2C1600%2C1600%2C1600%2C0%2C0%2C0%2C1600&ga_vid=58662235.1707321176&ga_sid=1707321177&ga_hid=995121510&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYxuCWotgxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjG4Jai2DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YxeCWotgxSABSAghkEhcKCHJ0YmhvdXNlGIDilqLYMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lURTQwTkRCMGJHeFVOSEZYUlVSbWRqQlNNVEUyVVQwOUluMD0YweWWotgxSAA.&dlt=1707321175329&idt=777&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dskyscanner.de%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D1000x250%26hb_pb%3D0.10%26hb_adid%3D133b04724a9f57f8%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=713594834%2C2820045679%2C2950936150%2C2152365933%2C1717125462%2C276400642%2C1618479094%2C3686816795&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

494140099b76c96798050f1ee3ae36510b847d087edb669a216a188da2f7cb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155463
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3B20 6 KB
3 KB 149ms
47ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 06 Feb 2025 15:52:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 44 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2419
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14246
x-xss-protection: 0
server: cafe
etag: 1834480086689483259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Feb 2025 15:12:37 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 40ms
39ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:56 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Wed, 07 Feb 2024 16:07:56 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1320 0
42 B 182ms
49ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81475105&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:55 GMT
content-length: 0

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 60ms
60ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/4138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Feb 2024 15:52:57 GMT

GET
H2 200 533 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 173ms
56ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b64d5b41a149b22d8d000ee5d26800e4a28d31c383d5742444aee4cef36e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 15:52:38 GMT
server: cloudflare
age: 19
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 851ccd8d6f9a0857-FRA

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 172ms
87ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 08 Feb 2024 15:52:57 GMT

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 323F 199 B
202 B 64ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Wed, 07 Feb 2024 15:52:57 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 167ms
48ms Image
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by: Host: hayat.ba
URL: https://hayat.ba/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:57 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 172ms
85ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d2904ec7b7d27adf5540af959fe710ab94127faf50ba82ca841cadb70be29d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12280
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A89C 14 KB
6 KB 48ms
47ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hayat.ba

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
server: Kestrel
server-processing-duration-in-ticks: 982634
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame A89C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=hayat.ba&sn=ChromeSyncframe&so=3&topUrl=hayat.ba&bundle=CLvtPF9QWVNjJTJGMTJJRVVKMSUyRkhFJTJGempYdE1Ma0NYcmJSMUtGJTJCdVVBRnY1ekFxRkhrTSUyRn...
https://mug.criteo.com/sid?cpp=i7xaUnx1ZC9VWWY1NGtJR2pwMWFTVVRKbTgweXcwZHgyaGxYb0Z3cXZ4VUxuekNOV0d6cFBCNHVQUVB2eWs3UHVaYWl4QXFDQ1o4YUxKcFJZeUo1TzZGZzhxTlA4aG5qMUU1cGhkSkFENTI3ejJwVm9LRW9LOUQ1YmtTa0...

454 B
659 B

43ms
43ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=i7xaUnx1ZC9VWWY1NGtJR2pwMWFTVVRKbTgweXcwZHgyaGxYb0Z3cXZ4VUxuekNOV0d6cFBCNHVQUVB2eWs3UHVaYWl4QXFDQ1o4YUxKcFJZeUo1TzZGZzhxTlA4aG5qMUU1cGhkSkFENTI3ejJwVm9LRW9LOUQ1YmtTa09qSmtmUEQzYllnR0tQb3VPUE04N2N1dlhTN1NPOWx3Z1Iwb1ZtYjdCQnM1aUs5cDA3d1hTcCtHN2JXU3NqRDhEb1hmSW5BcFRMWktJZ3NjVEp0a015aStUTjZkaVNDNGZFczgraFlwbU9sUGQzVmRLd2todE93VGpsa2FoeEdIUmpnT1JYMitXUmQ0OEtoYVBiUExEWCtOMUJVK2FaQXBETFFCaG9BbmtkQy9GYWw3U09END18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

928a0e26ebe29046fd073cc54ff875ed6e59f506f6156244a80b224753c97895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 780507
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=i7xaUnx1ZC9VWWY1NGtJR2pwMWFTVVRKbTgweXcwZHgyaGxYb0Z3cXZ4VUxuekNOV0d6cFBCNHVQUVB2eWs3UHVaYWl4QXFDQ1o4YUxKcFJZeUo1TzZGZzhxTlA4aG5qMUU1cGhkSkFENTI3ejJwVm9LRW9LOUQ1YmtTa09qSmtmUEQzYllnR0tQb3VPUE04N2N1dlhTN1NPOWx3Z1Iwb1ZtYjdCQnM1aUs5cDA3d1hTcCtHN2JXU3NqRDhEb1hmSW5BcFRMWktJZ3NjVEp0a015aStUTjZkaVNDNGZFczgraFlwbU9sUGQzVmRLd2todE93VGpsa2FoeEdIUmpnT1JYMitXUmQ0OEtoYVBiUExEWCtOMUJVK2FaQXBETFFCaG9BbmtkQy9GYWw3U09END18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 343195
content-length: 0
expires: 0

GET
H2 200 container.html Show response
1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04EE 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 06 Feb 2025 15:52:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1886 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 06 Feb 2025 15:52:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F949 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 06 Feb 2025 15:52:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF3C 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 06 Feb 2025 15:52:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2037 6 KB
3 KB 43ms
43ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 06 Feb 2025 15:52:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F9B 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:56 GMT
expires: Thu, 06 Feb 2025 15:52:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 189ms
102ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 bl-904ac2d-795c7387.js Show response
tagan.adlightning.com/setupad/ Frame 04EE 84 KB
36 KB 46ms
45ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-795c7387.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: JiQho.OgJ8dNOUrOzz43NNfuPLcfrr7d
x-amz-cf-pop: FRA60-P4
age: 82723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36053
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:31:38 GMT
server: AmazonS3
etag: "bc6045bb3bab1183419039f1bf2cec59"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 95U9_JxjlyrgmX90f9eJwp8PYmd99xbj5g4gJ8bRMMP48pIpZt6Rsg==

GET
H2 200 b-904ac2d-53355591.js Show response
tagan.adlightning.com/setupad/ Frame 04EE 68 KB
26 KB 60ms
59ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: kPJhXXWG1Hq0AVBcmSAqAweMN.PW_rtc
x-amz-cf-pop: FRA60-P4
age: 172723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26319
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 15:54:08 GMT
server: AmazonS3
etag: "05e9679509b61424a07cc4d4efb7247f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ce-ZLO_PH_1gEU_t1iruvQYCcUAuWWGm1CjwPd3QgtVguCKeOmw7YQ==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04EE 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BE6-jbneC9fbDK7-sTxpSyE3Udnj5FHfgbmVXY0aczf5nFqMEZZoJXaTV0H2G9TLvMY_gnjJSE53eqFSMHqhbKTeNOpjC5AUcy2yk60faWKN-5Tw8

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 04EE 93 KB
33 KB 162ms
82ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame 04EE 3 KB
1 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 12:58:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame 04EE 20 KB
9 KB 80ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04EE 205 KB
65 KB 193ms
105ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 bl-904ac2d-795c7387.js Show response
tagan.adlightning.com/setupad/ Frame 1886 84 KB
36 KB 68ms
68ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-795c7387.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: JiQho.OgJ8dNOUrOzz43NNfuPLcfrr7d
x-amz-cf-pop: FRA60-P4
age: 82723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36053
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:31:38 GMT
server: AmazonS3
etag: "bc6045bb3bab1183419039f1bf2cec59"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: YEL3u7TioXUMAnDaamw-t3E2EDGm9-UmUTYa1eobEuvP0tjZwjpaVA==

GET
H2 200 b-904ac2d-53355591.js Show response
tagan.adlightning.com/setupad/ Frame 1886 68 KB
26 KB 83ms
82ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: kPJhXXWG1Hq0AVBcmSAqAweMN.PW_rtc
x-amz-cf-pop: FRA60-P4
age: 172723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26319
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 15:54:08 GMT
server: AmazonS3
etag: "05e9679509b61424a07cc4d4efb7247f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gjB3TIGg4gWMWySPCDRvcpSqjO5BkUWchA_Aa1gNYB-QJbN7wyrv3w==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1886 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnqBK-RTx4OZh3NEkSPjMU-xdzkofFfpV6b4GsT5VUCgdUrRU7fFvUxRz8l-9PTmoZ5GMdv8dQK5PEPMZ4zN_rueWTA4n7NKfRc1e_Zxvc94aB5ew

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1886 93 KB
33 KB 157ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame 1886 3 KB
1 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 12:58:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame 1886 20 KB
8 KB 89ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1886 205 KB
65 KB 320ms
234ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 bl-904ac2d-795c7387.js Show response
tagan.adlightning.com/setupad/ Frame F949 84 KB
36 KB 83ms
82ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-795c7387.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: JiQho.OgJ8dNOUrOzz43NNfuPLcfrr7d
x-amz-cf-pop: FRA60-P4
age: 82723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36053
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:31:38 GMT
server: AmazonS3
etag: "bc6045bb3bab1183419039f1bf2cec59"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 98903rfXkF8CO2DwBn2jcV4Xj38KyRUp0zbmPpx1w4poxez3WGoybQ==

GET
H2 200 b-904ac2d-53355591.js Show response
tagan.adlightning.com/setupad/ Frame F949 68 KB
26 KB 95ms
94ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: kPJhXXWG1Hq0AVBcmSAqAweMN.PW_rtc
x-amz-cf-pop: FRA60-P4
age: 172723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26319
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 15:54:08 GMT
server: AmazonS3
etag: "05e9679509b61424a07cc4d4efb7247f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LAOyZ0U62lb8yliutgQEpLqUEGjRkd_-zohPdLXTEoLANSnBGFdvSA==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F949 42 B
63 B 70ms
70ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0ktvuXVUVSMqvK8TKZGzPpv4LD0cLsnIH5G1R1vQwEIlpSrX3VdPfMxYQoEszTRA_aQe2HJneEKvUWSitLm3oCt0GSHZNob8n4gyH9tFWjs4YZwU

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame F949 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 12:58:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame F949 20 KB
8 KB 72ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F949 205 KB
65 KB 287ms
212ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 bl-904ac2d-795c7387.js Show response
tagan.adlightning.com/setupad/ Frame DF3C 84 KB
36 KB 101ms
100ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-795c7387.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: JiQho.OgJ8dNOUrOzz43NNfuPLcfrr7d
x-amz-cf-pop: FRA60-P4
age: 82723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36053
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:31:38 GMT
server: AmazonS3
etag: "bc6045bb3bab1183419039f1bf2cec59"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wU8Pa3LDYAn13oYCSYcXdSiXaW-TAbLRtFncn3kaXyF4RR97c8xZXQ==

GET
H2 200 b-904ac2d-53355591.js Show response
tagan.adlightning.com/setupad/ Frame DF3C 68 KB
26 KB 106ms
106ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: kPJhXXWG1Hq0AVBcmSAqAweMN.PW_rtc
x-amz-cf-pop: FRA60-P4
age: 172723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26319
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 15:54:08 GMT
server: AmazonS3
etag: "05e9679509b61424a07cc4d4efb7247f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: P26QEtLU4aCs_1l1RJU3oqMUrgbfJQhyV0kJO3xko_bgjbLJ7yGPOQ==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF3C 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5R78YtbH7ngzcK72_nmI2YdfeS7cabHXpBse1IjfQEHjLrsxu1bZYIVAm78aCOr5hiaOAH8hC9lFRuAZXk7boJYzlSsWpGcOIXUWRqcOK2u_ggyY

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame DF3C 3 KB
1 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 12:58:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame DF3C 20 KB
8 KB 103ms
81ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF3C 205 KB
65 KB 268ms
196ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 bl-904ac2d-795c7387.js Show response
tagan.adlightning.com/setupad/ Frame 2037 84 KB
36 KB 108ms
108ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-795c7387.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: JiQho.OgJ8dNOUrOzz43NNfuPLcfrr7d
x-amz-cf-pop: FRA60-P4
age: 82723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36053
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:31:38 GMT
server: AmazonS3
etag: "bc6045bb3bab1183419039f1bf2cec59"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5ZGq_SLLdNw10SjzhcWjHfD_l2j1QEeC1WqqS5N1iLdhS-l58t8j2Q==

GET
H2 200 b-904ac2d-53355591.js Show response
tagan.adlightning.com/setupad/ Frame 2037 68 KB
26 KB 111ms
110ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: kPJhXXWG1Hq0AVBcmSAqAweMN.PW_rtc
x-amz-cf-pop: FRA60-P4
age: 172723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26319
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 15:54:08 GMT
server: AmazonS3
etag: "05e9679509b61424a07cc4d4efb7247f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7h5D3X-W_IqJKUrPamNMvh86La3QtJ2Kyg1kGLFwp5IwZfq7rm8yCg==

GET
H2 200 css2
fonts.googleapis.com/ Frame 2037 4 KB
767 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 13:57:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2037 205 B
650 B 143ms
39ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:04:37 GMT
x-content-type-options: nosniff
age: 74901
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Feb 2025 19:04:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2037 604 B
695 B 137ms
41ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:03:48 GMT
x-content-type-options: nosniff
age: 64150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Feb 2025 22:03:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/ Frame 2037 22 KB
9 KB 112ms
94ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 17:35:56 GMT

GET
H2 200 bl-904ac2d-795c7387.js Show response
tagan.adlightning.com/setupad/ Frame 3F9B 84 KB
36 KB 112ms
112ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-795c7387.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: JiQho.OgJ8dNOUrOzz43NNfuPLcfrr7d
x-amz-cf-pop: FRA60-P4
age: 82723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36053
x-amz-meta-git_commit: 904ac2d
last-modified: Tue, 06 Feb 2024 16:31:38 GMT
server: AmazonS3
etag: "bc6045bb3bab1183419039f1bf2cec59"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5sknltvW145El4XlimygiqFs_MCaqgc3wLnMV8ZIO6m-Pwe3VY6bGw==

GET
H2 200 b-904ac2d-53355591.js Show response
tagan.adlightning.com/setupad/ Frame 3F9B 68 KB
26 KB 116ms
115ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 15:54:16 GMT
content-encoding: gzip
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-version-id: kPJhXXWG1Hq0AVBcmSAqAweMN.PW_rtc
x-amz-cf-pop: FRA60-P4
age: 172723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26319
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 05 Feb 2024 15:54:08 GMT
server: AmazonS3
etag: "05e9679509b61424a07cc4d4efb7247f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7xWjSCq12ddsc3qYA1nNVJ6zzFE_39PGxkGnlxZKKKz8gSXIekg53g==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F9B 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9KSvf5kk8WLHV_1XChq--uWCSZcPHAGbHIxyuc6HscBEvmEXIeyrlGpBjjqWy8AiXoBthQXnKyD4o9OUHK0PU1zimnUQs_kP37ycGTHrAUB6YFgg

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame 3F9B 3 KB
1 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 12:58:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame 3F9B 20 KB
8 KB 102ms
87ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F9B 205 KB
65 KB 240ms
175ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:58 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A1F7 624 B
827 B 168ms
78ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNWXdK8pP_8S0qNZ8OCXUk3_WjuGBqlGzWfUQI8wdysCApzaLeBqm4iGqJjk9vYNTpA5h1S_4DzHZXT028kWcrFG2oLF3sXXpMHmtZ-kwTDk1lY4n6emSVUK6SjiyHjp5rXlEm1M-8XerVTwCz7kB_HlmT4sjWyHcfvb5__P9V01ujDCkC0

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:58 GMT
expires: Wed, 07 Feb 2024 15:52:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04EE 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=609201988446&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04EE 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=609201988446&version=m202401290101&ct=77&x=1&cor=12689780799825600000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 04EE 33 KB
19 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3A_SNvzPIHJNtRZupWZBSvxDO7t61XdbJyhcD2xCw4e-OIrrgiun-ue-4FOeGw1J0Y3wZNcdqRU1OO6rNYcQkLi4zXrJf0GCRspm-hdlLPxXDKAUaukN1LtG6Z7vEYPU3oa3Y3xOG15px8QmdjINR6Y1OakrCSvLVZ_oxGuWhP8PBQkA&cry=1&dbm_d=AKAmf-BV3EJhgPX2Z0bFk7WgaDJ2gcTTP8I1CobGun7-e7iTkvGucXg5bD3L2YxQDweAzuebFKfGMoQMY4ASK4xT0AviMne99hLep2cc-se_J38Bue9WwKN1pk8RYeYDQLfDSs5v_sXpFyJU4ecvmCMX91C3tdxSv_Zcl1FR5KQ2oNMagcRvX-B33CedeOt7N2RUcB4AeG8e-WpmWn64F75dFriQWmsJR_9eUedTUvKx8iiItl2ysHxZ4i8yJZZ6CEJwr82mucVDyZJR6IGH-POzmHa3iolgVXrRVo0xw9VghUpcGlXPVlyqTD2TH8H4gbCnvKYLYAvXO9T40l2LfZfoLaYL2wuYUb4ChYMqUb2jB66ZTpMsoIiZfe5aYk-TX5dEQllFc1hkw50cTpd2okc6gHgxmcX7Y6aZZLqOLO2m79kD0m_kHZKK1XZWIEBKVhZgkNizDB7OkzmebXOYzzQU08NbCOIacc9FVbT0FFSO8ypi8ppoz1mtcZu151TCG1WfdpYaTaGSOnjWG25-h-qQV1P2BMN_i8s3UkbHxUAy9RsWxyaDxqRy3Xkwqgkq2fdfOCuSBP8Hn3J5hSueiD7TAfDiVDX60y1DwkXULdkUwUnNBhVRXqbz9zrldtoj1fekELtKkPu45hnmkt4CuA72IAfSDxftwBuWtZgmIKfQl6fGs2iFOnPoAuCECq1Pv9mlXhMj0oOGQRPSuUPfxSj_MOg7lNfnDIP-xdx8-MoZ8ZUThUGE_aDDvlLsQXCdcWBeeUJy6U9LVfiAI8Ss8dBLt0Sp4Vqr30L6Z7JhEkd5WrZ2MvJE9BpJ76DWyxo8SowIAfRFVx9F0Y8Vn1CrD95NVYAR9gX4a2m8F_w-OEAhyQO8cDOXLDdP7pWY-qEFBcoLQ3qM-CVet3rI2yAl6I3ti_SDEa1UkVLc35fXe8XvhPxrHq5JaJwlE1gbB_zxK7YuQ5WRjNDnJ7fI-TvNxXmzg81KkcVzMHmHsTHCelmcxUvcbw7_xuHILkixso5U2z8RafU0DFQ_q5TQNt0_quYSnNcITnDeoCWqfkCpip6jHR7slZfXrhpyH20K9KNaQbZfUiBBsVQw7VrZWCSe-GBLHRc1v0___1hn44vbQNFSo42XvPncUC-mxRgDDvoYwbKcmq9KEpzt94ja3K80P0a8Cx5q20Mw97lhQmunWqhc_pu_SgP8DSQYRebkrPAYI3EPiVd79izEtTCdhNRCf-_zNi1TyOFVy0Y2cDWLqYRkB169IOrA3QVHwsOTHLuAgCtexvAuCUkA3E5df694SkaxaeJa3j-RB-n9TKfg1n33V18k4NuYnpLMM7xsfR7Sbspc4HEG2USuVWG8OIWBu-7Ww4HfT2tDlf7mo7z5cm36TT5a2eiDQQ3uhf34ni7uXx_3wNagRHOle1__wyVKtv57LVBAxdDpQpx0W_4y7GoUkAJqGMF0nu8qkALtoJUMuwjWHoggG26A_A8XX-o8hoAJ1-Z-gTA2rQUI3VROtrP7i93BvB712IyJG9wkYj0QxlfO02bW4eCR29gMHN_30U1Tm4Wc1ilskJy-jHC3PTjaTZERCMYx2lw5ahYCBlOWGe87JiXAmbrHh56mkjFBFUcLeo-Wh9ehbCx9VBoa8E30-xbncocnL-Fwh5SEvXmgB8O2qJ_q-RYs_QvL80B2COvaU_w-cN7oVXFA3ZfQCw7oC7ZxKF37mcnTKjt3s7rwLZvVN1wj1tyfv_KRk3BjE2f6GIXB7qRl0xXfr9D8c5-kexYELJKouHvc6msbcrmYUUyOgtANB70BL5DKry3cZB5g667N0_SssLy0T_OlTUlPQjW6YxiZo0m7hordAs1vDjPY7lfdmPB1guPXKPo44vaIqZshZ9wb7JoeixS_lBFZN3LW8LAzjZ0J-9DBH9yWcAfCy55Y5Kd3H98ZiHEPgQsuW-hsEuzpQvBpRHfI5Y-D09SGMbjnYo9kzSvpn2h6Jqa5uyhhGMZ_R_IVm3ag9LQZ8qvRkOM7D7eZj9CIGtF-JBwlsXY8lf9lPDpubcIGPZJQjLd_h4CPC-YAag7rGDWgIKp3i55EqtF0CK7iFFWTjJrU0CGUODSq7uFl0rQxO-w_MuqIRL_Gsj3evx0Y9s7fWkUbcV0EUv6vdm5A4BiKHChET3VS3TJABKZvtY8a-8gRYq0qUHE1MoNYCygJXhEWztzXjINujI6ArKIn-A9KUaCFp2uvHrJ2jxufMSgSOfpQQsbo9uxzeHVSSBiTP6hJU9JS9tYGvXBXkY_MV7VpMPVshIb0sV1-VwonQRyQIcddjYdXSfPXxZxiXIt1Z9dzfOeCvPmuSodbluJldwrcGfsQDPaI-Mue4HzWUjgQpm6utbZtGghGaizoCttVbVyjMzw10HoXBqJTtsAcmcYaw50BYUlm3urZRJyMCFzMG4dsJuD0YinHYmDsA_nkrjYR8qMuHiCIJFr5UJTA68JXVc0DmZIhAEnVFCvd7sp5ohnyggGtnP89s9OUouyHnS-Jv7gOddkYTabSS_VyZemWPdhgSjk1txlPJlqYlLb3qGJVvXiWj8kb9iOiFayPVpLvNp-moWbqB6MsW4loj4K32RnspfaNd4JKOTUsh9KuUlcj8_HCvRZV-nNflxd2mL_bEOATtAw5N86LfbZdroQ93FkLhY75pEyY2Iu4Q9E0hLOgDDQMv39zPZEUM09KEPyOBFhO2Z8i74k5hz5dHCtsWqpwkLXaEIJ3p1T4CBDPY4sefmplttf0cEvFAnhLJKqXfQd7BOg1dkhDVoy37ewtDpRCMlxO8oIpkGTWMMHeEumC29uSlXcqOpshQh8agLhUhPQLQKi0lr7IFTEltBd7UzMLrqq-FHxGLc6fUDd9WkwIIzZo6uyP8eToYq3yYPwho60ZmrNxPp7x8cz9yNZ_wvc8hJdIbtEL1tl8i-gpnrn3cIE1lC7E9h5WropBTpthuvzmSz5SP7LvapcO_7Ut60mY9hhtJJyiCf95XbxEM2aF55iCX161HJX539-7m9Lk-FTq0sAXBhi59g1chYX6XQTgRkd1BKxCGZmTiuuSrwPEqaIbG78VZVH11cWc9XoGpDdNVer2xhn7klgUMNHVgPBqSQuI1gFf-IWTd7ExK5QmQNNJr-5-nWvW6Rz_XNT2tmThU0rpHIHrjLmsxFuQ7vndZYTQ2qOv0OeKoAxWqq4qn0TqDgkDnwyK5kh4UNg3zR-MG5ITX7CTaLV4GHZ7OKHJdZNFQ-9WOLHfp0pvmbVTleaTHbzu4AQhrdyXO6WhGgSVbD94naPf6LZD0B7kb4eY_cz7mfwtj_9y5Bglh2Gv3dQjE-v_HXmN_HrynGKIpkGcJKVP1zujw3mkHzgMcnrnVuR7b67itbpODXer86n5S416ZVTfu6G0v_gzcQINBc-GV3K9dIWvJRJOIM8vJqZEnnEYnNPNBjybULknwjhWcFzx9PfvV53FUetdDQLDUCXTxlw45hQWqg8CI4_DZf3qSlw1XTnN35ltpkRAOwGfkrEeL6tDJml_ECb4rLDvrVscqLZKIYli5sy-SwbrYMWrcIUVrIjVZZfPkg2GdsNFqo17k78zPN6cwpjgLvEKd8qzWdo0dJlCQjHHGRn2tr11JUWJN06ELgtt0El_E9LFPAexLj8HflcijYTzfUcZ4N9ziCg9KQSQEvj9ypDXqtIxEoaQ7T6REsOstOawjBG3oIFlzCUOB3YET8arebaim3Ix_8DfyJcCysfZK5DAJP31ah4d06E&cid=CAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fhayat.ba%2F&ds=l&xdt=1&iif=1&cor=12689780799825600000&adk=3047537734&idt=208&cac=0&dtd=118

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d2f50c8154ffde59eee2e5ea17a9c7e0379f816f8e9c49a8c5d2c2d6dc93b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19458
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BDF1 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 13:20:14 GMT
expires: Thu, 06 Feb 2025 13:20:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9191 829 B
1 KB 135ms
49ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac6eb6bb243d1478a3b5eca03d9c8d8d3e993533ebfec25183880ed73ec57785

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HKx2EXByIKkJePZgvyU52Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HKx2EXByIKkJePZgvyU52Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:59 GMT
expires: Wed, 07 Feb 2024 15:52:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A1F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

43 B
338 B

89ms
89ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNWXdK8pP_8S0qNZ8OCXUk3_WjuGBqlGzWfUQI8wdysCApzaLeBqm4iGqJjk9vYNTpA5h1S_4DzHZXT028kWcrFG2oLF3sXXpMHmtZ-kwTDk1lY4n6emSVUK6SjiyHjp5rXlEm1M-8XerVTwCz7kB_HlmT4sjWyHcfvb5__P9V01ujDCkC0
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3Wv%2FLOeILOr48twaUBdE964%2FeTVpypKlPta%2BnUXASez50UGTXkFS4k7LDlVQgT94PdOkxxs5mc%2FJPbL99XMaG60olyfkUg6cKbdp4gjzMQ8B6TIkCwdqEfLwd8Tzaeqs8VJDDpasRp4Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9c1873452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A1F7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

43 B
778 B

74ms
74ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNWXdK8pP_8S0qNZ8OCXUk3_WjuGBqlGzWfUQI8wdysCApzaLeBqm4iGqJjk9vYNTpA5h1S_4DzHZXT028kWcrFG2oLF3sXXpMHmtZ-kwTDk1lY4n6emSVUK6SjiyHjp5rXlEm1M-8XerVTwCz7kB_HlmT4sjWyHcfvb5__P9V01ujDCkC0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEGiASoZ4hu7kL2TpMQdjkiYfwCFrCLD%2B%2FZjUJG5hpJj3RuNWdzmGbKFgYGvQywnZ3%2FWIlmmqapbqaEY%2Fv%2Fh05EyRrjY%2BBsHXXUQJOXx57e7wKG3kMqkdTa%2FebefhL1EZcdOUBs1bz93lw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9e2c012681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame A1F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE00VYGGZbgHLwWCKx3Mghg%26google_cver%3D1

43 B
1 KB

51ms
51ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE00VYGGZbgHLwWCKx3Mghg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGMfI3t4BMAE&v=APEucNWXdK8pP_8S0qNZ8OCXUk3_WjuGBqlGzWfUQI8wdysCApzaLeBqm4iGqJjk9vYNTpA5h1S_4DzHZXT028kWcrFG2oLF3sXXpMHmtZ-kwTDk1lY4n6emSVUK6SjiyHjp5rXlEm1M-8XerVTwCz7kB_HlmT4sjWyHcfvb5__P9V01ujDCkC0

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
an-x-request-uuid: 70d0e947-7cf6-4682-9700-3c0efccd44d0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
an-x-request-uuid: c11e37d6-c30b-45a7-a3ac-d673056ef606
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEE00VYGGZbgHLwWCKx3Mghg%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A1F7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

170 B
188 B

80ms
79ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
an-x-request-uuid: 47f840cf-01a9-473b-b42c-29ccfd1c82d6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 17CA 624 B
242 B 77ms
77ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPB3d4BMAE&v=APEucNWz1FcTPPQLC9GqyyubUIvQdJgvWEzgbCCN4Q4xpj0kXrpKKUAINULlB0uocx_Tdh52p44MAi0jia9p6bbQWlZqsek3ltCtNl5YpuSwL9UXaWCK_wulB78qHJKXXGetiv8u18HHzoinJa24wkiPykyueojqR34wwRKV6oIj5-IuLxYz3xo

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1886 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7599069681710&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1886 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7599069681710&version=m202401290101&ct=77&x=1&cor=15051853957637554000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1886 33 KB
19 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Di4D6lbYEVsQNO4FPWb1VrJ_xXokvciyaObY8mPXlb88jbl1wJshN5_d8iqNApGImMceSjHCOPdk6GGW3UWMRbLSGyBtMqOZKq4o6ZS5V7OPRLoUrh_EsZpScC7L3_Pkmuy5R7pdFQJJFKASsjwcG1haPmjxOoW1rX3K-RZeNB-n9fJa0&cry=1&dbm_d=AKAmf-BP4LOQHzSPfuAdOvOCr1ydntIToVQCszLKjLznmbwQxWTPMbnJpu_g-oi09M5siYbcU91yN8GUr73bMZbDrUAjm-k_9nlPsSCx4mt1JguzJNpbIVnOcgPNHugkRknodnd0KH197VrgB-sZenrnao_ihO8sN9t1FEXzrYHoR0iSmED833P0V78QyMPzqtnjafd6smv0GEas_ANxQzHn2-gf30lHrDZkYMYy2tCE7BbPSVoC4lMX2Zesg45axA19pLnEM3PzlxnAl1c1ee_wccoOwT1xKwbDmZAfanRCfNZ1Uo7bxUiHKwwtoET7pG03hr_U-IxGwW7MkXPBkhB-gGejZIYY0IZNNfWZLea9SQnBOzb9zRG2-P5k9nTf55bDq-2IDkmaatsuKPH1bMmKCEu_bjhALAZ4cIAPYKC6TcNDdvMIdleryxDU1SyuJEOgUfM-Y7qyWhDdLi3BSP1ezz6oVCX-5MSe1OdFOfyukbmVUbNinxwy2UOXanvuhAlBD_nTVmvgyJPxbdT4Mxucak2oSexVIqBNb4rwuKmOVn4ipRVzZdi32LM2ync47_aS9iCn35fwIMPQbjBefSu8gZLJ8kKkM-nFKnGl2ASbZ_VuuPaUhQTRqidChqJsFQgXllPFZLlz6qF8GnWzy4_BCH7AUzEb6S4QdRW3xghkVenwS_zLzvuKv5M9ytHCxGAeRUXCxlxGYZn3Offr-j4StzC9PBFUDRgQjPVGGnh9Rhdrd3pgllMwtE0JqvF3pCrMGViyYjHCQKAfIbWI-WlCNt1z4IRTWSU4l5ABxLhh9bLMaFaJ9wqiwAXleITzRBTdqFYt12fLjiIn0wztvZ35uhFdrFM1w9P_M8EgzSLOyVFVsPpJokbqxxcS22aruyyd-RIyu45z2WtrCXwbcb1e8o4ZtR0Fl4uTTcTBd_feHRN3WLDGsJKrtUPjkgfnlCmXHjhE59UqtEl-YL-aNq3MdmocjCrZflESFaM3nDvK20hA68_UQHk7ligSR2kkL_RJ2rxa2sEHeTpT2C9PzTbp_Rgc7yCFD9hJB69kMmGy-mra2kpYW1oB5AWSjo8wmoVNP-c3JaeJM7KGFX_DCZc--Tza1HkolgLNk49inZ-v03FgIzJ-olIy_fUot7ciC03uzdH6HE2jBwKQiRs9qiW317dga9Eln4Ws0UIcmyFV8x5C-V_kL8SWLq9i1xNTtsmXIfm9Um2A5AAMayID7qMLsYIYYY23mXTBVaWEn3GH8XTl5gAGmNEGaB0LQlnex3-0EXtL0B77fyf_hDO9QdL2z9mkdAiHojy6r5NjBo-fMrXmFLrIxTHHSdm2rWv4D_S38FWUUpbx6OgG7W9hR3sr9o0Z-xCV-tBvoold2gqQGPAz_QbCOY91nsWYO59btTMv3e5noXg5yCmfu_LvUeaKuJBEPGJftnUicoj-hpDO2BhQXul2dlYjkcV3KgHCDOh9D2VDMnq1yY34SyNNh_gJlM2eDinFft7XDHDA_lvjbTs7zRQd7CR4tsvofyLqLkOOTHVnzEkL5cXJq-596KoVDu6UGQeLzDOhVJeExA68oq0Qwgu8M9Ui-JnNVuJNTjvEPPiC6wPbwOihrlU5MgulB0-K_AIW-B5jrTsTc64nRJ7zzhzLowMuvoVg375phVRJiYKJx7jpIyPV0tPioeucMzRFt540xtDvjUN7wODEhejQI8petSddqYp4bu49xVc9OKgDndxmqJj8gxtanh2r0WgZ-c01N92zkKewFg1g3X2cygfIYxi9U0WWCmuPCSRZnqwvmpgaYO_o-d5bDe_8ac_mKnb0m_PyDOqjpeO4KKWwUpvcOZajUrgHP5T8eeoFyh0Eqlm9A7VKFGj0t1kfJaTtbStGgZ2x5hPWxl2W2xXy8UHGlKAohYtlIeZVXk6kfVE90sVdoZv7uzk7Ez9rqNbqGQP_xsOyRapKCdTSOO0x9I5QL-fZkDB83GcnNcIwo-6AamGmRZdXT8MIevwol8pVs5F5mDhbOfRGEnLJ_1kvKwrGIIFm7OY3ZPT0cVn4FRpn9yulyl6RCGPrQDTtkeWKvgSxEhqmjFifDAmY-zzn8MstWs5oLms0xzTuMMDdawM6HPmouSW6ogqa0nQXBmHnktSG9baatg94yeOCNRhPHMFUe-znUORB-8-FjwH5oJpaTOjb4se43-UKsjpiR1aa6HWMcWBMG5vYVcKUVsBI-4o_SPtX8VuFM7R50xG7lhI7q_vKnHraj76gUsZGvub6qzeG3fR9oZPfABGZEXbduju9h8oBKayf4FwwVB88gkdMerm0pDpmXvRh1lSU8ylPtBlrpuVV1WdhduF-fKcvrXCYz-qEwz5HUSuJwsSjUqChUC82itI3fSd60HX74mP2Mm_G7I2DytU4oMKOaszwJN4EsOQKGNZ1P3BhqcNBy_Lq7GvHkgTviCVG4RezapIrkAej2t6drmbjgFvGm2JczFsYVZ_o2O9jplG6V7ZfRj-M2rXRwoirGN9kAoUBDA1O9LlwG2DOcBcI78-fsECpQF7scoJG8LSu3HSfOvP7L6rdkKhUdZf5cODSIXuxJHX5heiIQnfzlWWJW-C3_2rag1q7eUdyyhr5hzLWD8GrcbkEzp3KX_-MvVohZCZhTI22kFLX4UcaJsDb-dEW_SOfVL5bYtiFS3rLhmbPnZTvJ5X2J3oGQzWKqeFP1GXPkkCSh4nn0vWtSMPm0Z7sooIWFbT84LTSBLs3f3gkUWJCgbOhbEVTk33q_ETYlJoQgjFV18UGmuNJLTqhtacM7jHDl72l6cvTSkLsuc6ZbbJkZUTglNUbloa9opVeUO0_PLFLNh2rG8rc4gM_7BG7ClW0ROK1rywOPWtjGu4-KE9hTSHvoOCuDv_--xNysGCWxCAr5X492odlDKIUUKwY3olgCyYMEwuZ3vD3mVMuG8zHErEBVgi9sv2TAYCWIohy1vSifIFBIS1reW1uLBt-oPaksoKx9FU76t2UZWNcnU3_QIuD0z1CYSN2F_owUmgnn6C4XEIB1XwuHV22Dk-0dpXvSYYeX4OemrE5Qq518_SQ48N37oBCYfJ0zKxV8nCVEY6oeC0iGstbTrYKAyfZenpPGS3mN4fAEAt1DgAr__wwdz4m0tzLd3A4wxwWC1uyMd5iFHvkOPn66r9IRLVbhm9zS1iArqtkYIlvBXUJV-0E7nw025GaA58d6d-MvZmThcji3c8hxB3H-JjfFX1FF-YW5PvObF3SXB8XhAEIOqWbxt0zix5FAYLLvJkFdxgNLlW3dvXtwwfxB_4diozJ8z8GJYdFoIbPdac2jgOgDkth2vH7BZifDbyXQ09fbAdVnjf7dP1qOMCzCvxaclrTVmg2S8q-LtR1X3cBhHqEIj8Wdv0am75ONQCB34WzI3DsHDlUOQnUEgyZAeWtTnCzXLRnaOH3NOCHkSyy_Hc4J4QWxmFq-ge6vWNMcbhByyJ4d5grGB_K-sttl4wp4lfeYq8J0iGe_fUCZq4x2mklUqqBJkI7aZjpe7I4Tr1JGVDrbFrt8fAcgrsjICJX7I7ML078_-Vk30DyqTFPVMNAbVv_5S8yM1MoRSvhQYDufDC5_p_CHZGr36CarbofO1lrCTgUgd7ShP63BKExBh5xeWme_V7ujtXmt3o7oLdwNfYHfwsMbQ2j3UZ-xwxX3XTzjwzVzjo_Y5XYxMx8N7PdiwoS4NFUbkfKlj6agbgSGmMSMVKoJ8E8G8niwsUyKRyD2nNara-da6wtd2wfBawSk91TfbfOI3xg&cid=CAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fhayat.ba%2F&ds=l&xdt=1&iif=1&cor=15051853957637554000&adk=2857193499&idt=206&cac=0&dtd=103

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfda628c72c1e7bb5173f97d63dee0f7774f46bb655bd76768c63fc2df6cfaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19397
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B724 624 B
242 B 76ms
76ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNX7LQ-pCl0NgabItKDNZT_GkCJdk_MDZKyACE6bIBgq5U6Q62LAoy0O2gU9ImHqBZmLNvl9JicFVSbVPZ9GxbSVKsAzMY9sP7bYm_kVDHK1FAzXtkkuknEtLzaR7nwI1ookhrVYDXY2pu44AwtTRPWUIXEoOxA11s07iF5NHSVrozB4MWg

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F949 111 KB
39 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Feb 2024 17:14:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/ Frame F949 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:53:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/ Frame F949 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:51:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:51:05 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F949 41 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AA64 624 B
242 B 86ms
86ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNW1ysJDnz6KMU3sbxIIIgfjY9Ls75O-IWAV-oIFTN1s1qpQTIEHfxD22r04EQ2RbY1U-NEUF4EwkfpTtFad01u8pMWp53RR1IxbnTN5zmC7fxbRm2lw-mFx3HFsv5zJtK8qV72wfmKfXBcQTPJKuLUkWe6P0_h_JndeCj_kbvVaJueHbcE

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DF3C 111 KB
39 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Feb 2024 17:14:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/ Frame DF3C 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:53:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/ Frame DF3C 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:51:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:51:05 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DF3C 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DC13 14 KB
1 KB 51ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 15:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 15:20:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 15:52:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame DC13 2 KB
822 B 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/ Frame DC13 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/abg_lite_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 13:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 13:08:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C9FB 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame DC13 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10472
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 12:58:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame DC13 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC13 205 KB
65 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:52:59 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame DC13 37 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 20:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 20:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 May 2024 20:27:51 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0F1C 624 B
242 B 79ms
78ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCAjIgDEKCehpwDGMHriIYCMAE&v=APEucNWepHjE--XL-WJPvasOcl276PYCU65JgaqeSiyHj5eM9-D631py9m5-y7Mo2PzGO9aMlU2s6ZM_olOzhvOmkN86dFNkOaQuS10Y_8YDJVeVb7qvcag_81PKgjr25H5aDOfPCl1Z9WjQRpCdpB1Lea1VmC1vGyypd5lgUU0QDmwlOGPJMLM

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:52:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3F9B 111 KB
39 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Feb 2024 17:14:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/ Frame 3F9B 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:53:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/ Frame 3F9B 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:51:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:51:05 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F9B 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/ Frame 04EE 31 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80364
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11928
x-xss-protection: 0
server: cafe
etag: 10551285868935850944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 17:33:35 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 04EE 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMyMTE3ODYxNDU3NwogIHNlcnZlcl9pcDogMTM1Mzg3NDI0CiAgcHJvY2Vzc19pZDogMzI3MTcxOTQwOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 04EE 0
836 B 194ms
91ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMyMTE3ODYxNDU3NwogIHNlcnZlcl9pcDogMTM1Mzg3NDI0CiAgcHJvY2Vzc19pZDogMzI3MTcxOTQwOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTY0MzU4NjEwNTE4OTU1MzQzNjAKZGVidWdfa2V5OiA0MDM4OTk3NjA3MjY1NTExNzAwCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wNyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyNzY4MTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTc2OTYwMDkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExMTE3OTk3NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA5NzQzMTk0OTAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjcxMTcxMjcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLnBsIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x383c79b4db54b2830000000000000000","13":"0x8d08418958aea6250000000000000000","14":"0xa4596381904e08fb0000000000000000","15":"0xa57463453c6f6a5c0000000000000000"},"debug_key":"4038997607265511700","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"16435861051895534360"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 17CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

43 B
736 B

115ms
114ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPB3d4BMAE&v=APEucNWz1FcTPPQLC9GqyyubUIvQdJgvWEzgbCCN4Q4xpj0kXrpKKUAINULlB0uocx_Tdh52p44MAi0jia9p6bbQWlZqsek3ltCtNl5YpuSwL9UXaWCK_wulB78qHJKXXGetiv8u18HHzoinJa24wkiPykyueojqR34wwRKV6oIj5-IuLxYz3xo
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4R0WpmIFI5wHbcv2qsHW5Z%2FtSTAj%2BWQO3nXJzK7LZ%2FKm00Fn4eSR63sKQeYQCDUtVQ3fS8qnyCdjzTpOcvZj5NtmjTQhDKCHH5lG56vhKgVGtJdIlnG4%2BFeC7fmRFKRaTVqWJ58c9TMPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9ecd132681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 17CA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

43 B
735 B

107ms
106ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPB3d4BMAE&v=APEucNWz1FcTPPQLC9GqyyubUIvQdJgvWEzgbCCN4Q4xpj0kXrpKKUAINULlB0uocx_Tdh52p44MAi0jia9p6bbQWlZqsek3ltCtNl5YpuSwL9UXaWCK_wulB78qHJKXXGetiv8u18HHzoinJa24wkiPykyueojqR34wwRKV6oIj5-IuLxYz3xo
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cizdyfyN%2FX2%2FjSvZxWNbVVwuRIaa79e32REQ3HLkBoQnQSge3cJWblUb4vKW%2BnZLpBSgf0V%2BSAalpHCPTFYI6BFvnd1gwwRdMTHYYZSBBvxg6ee6if3GvHjRYcQK7I2o1blah6WANcSXCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9f5e432681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 17CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

43 B
1 KB

44ms
42ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNPB3d4BMAE&v=APEucNWz1FcTPPQLC9GqyyubUIvQdJgvWEzgbCCN4Q4xpj0kXrpKKUAINULlB0uocx_Tdh52p44MAi0jia9p6bbQWlZqsek3ltCtNl5YpuSwL9UXaWCK_wulB78qHJKXXGetiv8u18HHzoinJa24wkiPykyueojqR34wwRKV6oIj5-IuLxYz3xo

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: 28f61e31-ec5c-4cfa-94c1-5d880d813463
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 17CA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: c56a95f6-57a7-4fcc-8d14-eaaeb6cdf3f7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F949 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdb0f14c42e7be3c99f57c8f679fe5a19701b35e1fa7850790bbed48225ab8da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B724
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

43 B
733 B

79ms
78ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNX7LQ-pCl0NgabItKDNZT_GkCJdk_MDZKyACE6bIBgq5U6Q62LAoy0O2gU9ImHqBZmLNvl9JicFVSbVPZ9GxbSVKsAzMY9sP7bYm_kVDHK1FAzXtkkuknEtLzaR7nwI1ookhrVYDXY2pu44AwtTRPWUIXEoOxA11s07iF5NHSVrozB4MWg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUuTTFK8JOy%2BAIbNP5UBWlo2XkKs%2F40BSEM1KoVakTePujZyW6KBUr1NPFeDE6tTNKJMCrb16TNyA0%2FA0CQaFIuP6EleUjxItFphzRa1dJAzhpbkip9UqdXbLikbQC3863WkZwtGKT3obg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9f0d8a2681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B724
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

43 B
739 B

101ms
101ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNX7LQ-pCl0NgabItKDNZT_GkCJdk_MDZKyACE6bIBgq5U6Q62LAoy0O2gU9ImHqBZmLNvl9JicFVSbVPZ9GxbSVKsAzMY9sP7bYm_kVDHK1FAzXtkkuknEtLzaR7nwI1ookhrVYDXY2pu44AwtTRPWUIXEoOxA11s07iF5NHSVrozB4MWg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3oolPZ%2B%2FcLc18QiqXmAQ99z1X8h6nhgPEEc%2Bt7p97ztbyE2FT90syzY20NDV%2FHOYvwrt%2FUczb%2F6vlSToGMclfiBdKaqa1AiDnZN%2Faowomddu%2BcLbAdGiSUD8rTF9fQlTKL%2BL2NF7MYIVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9fff8e2681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B724
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

43 B
1 KB

45ms
44ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNX7LQ-pCl0NgabItKDNZT_GkCJdk_MDZKyACE6bIBgq5U6Q62LAoy0O2gU9ImHqBZmLNvl9JicFVSbVPZ9GxbSVKsAzMY9sP7bYm_kVDHK1FAzXtkkuknEtLzaR7nwI1ookhrVYDXY2pu44AwtTRPWUIXEoOxA11s07iF5NHSVrozB4MWg

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: 603c3131-e223-4086-820b-cc55502d5fde
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B724
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: ac3ebecd-a625-40da-a3f5-103dae26deee
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DF3C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26ceadaf753ea6b36772f15f14170a1ea1ae94ebaf8b542e4b291ab7cbd0df83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AA64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

43 B
733 B

79ms
79ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNW1ysJDnz6KMU3sbxIIIgfjY9Ls75O-IWAV-oIFTN1s1qpQTIEHfxD22r04EQ2RbY1U-NEUF4EwkfpTtFad01u8pMWp53RR1IxbnTN5zmC7fxbRm2lw-mFx3HFsv5zJtK8qV72wfmKfXBcQTPJKuLUkWe6P0_h_JndeCj_kbvVaJueHbcE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRezxvWntQ6JlOvMSAgisvLkGCy4%2FDtM08BgdMJU7hNjbq6P68x13ZzCiergbPNpGFJYAjtN6WUZMUMlPT0kkIxNMUAcrYu6ASeFhIEEedHOHumpBRDNmWh%2Bko%2BupqdBmdJCE7qas6xEQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9f5e4e2681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:52:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AA64
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

43 B
733 B

74ms
73ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNW1ysJDnz6KMU3sbxIIIgfjY9Ls75O-IWAV-oIFTN1s1qpQTIEHfxD22r04EQ2RbY1U-NEUF4EwkfpTtFad01u8pMWp53RR1IxbnTN5zmC7fxbRm2lw-mFx3HFsv5zJtK8qV72wfmKfXBcQTPJKuLUkWe6P0_h_JndeCj_kbvVaJueHbcE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBCkXivsNRSalfV%2FT7yhsHBs31QwqshakU9sivfZqwpkYx60LyLpnOhNkVtvrqK%2FaWfTn5LXcQ7B1i5dKNvuebopvq1xsdlrtpO8alf1Mz7ZGsef%2Fzy9O%2BaV9QucbB6MGOp9urFbEK4zEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccda048322681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame AA64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

43 B
1 KB

43ms
43ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJHahIQCMAE&v=APEucNW1ysJDnz6KMU3sbxIIIgfjY9Ls75O-IWAV-oIFTN1s1qpQTIEHfxD22r04EQ2RbY1U-NEUF4EwkfpTtFad01u8pMWp53RR1IxbnTN5zmC7fxbRm2lw-mFx3HFsv5zJtK8qV72wfmKfXBcQTPJKuLUkWe6P0_h_JndeCj_kbvVaJueHbcE

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: c0144749-f29f-4b60-8e55-a26fa0ca62f5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA64
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: d8984005-6ff0-48ca-b4ad-24bedcfeef90
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3F9B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ce0ab709de3d48bfe8ca770a66243f1679a822ea38ff6c3c97f14d9a86ac482

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
setupad-d.openx.net/w/1.0/ Frame 80A3 199 B
202 B 106ms
92ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Wed, 07 Feb 2024 15:53:00 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 isyn
prebid.a-mo.net/ Frame E0C0 0
0 90ms
89ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Wed, 07 Feb 2024 15:52:59 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 cookie Show response
cm.adform.net/ Frame 7030 43 B
105 B 94ms
93ms Document
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D1FA99876B73A1B73%26sp%3D707647%26pb%3D534151%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fhayat.ba%2F%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Wed, 07 Feb 2024 15:53:00 GMT
server: nginx

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A55A 16 KB
6 KB 85ms
85ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=60130
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Wed, 07 Feb 2024 15:53:00 GMT
expires: Thu, 08 Feb 2024 08:35:10 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame ED0A 37 B
140 B 156ms
40ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 07 Feb 2024 15:53:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1CD3 281 B
555 B 170ms
42ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/4138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hayat.ba/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Feb 2024 15:53:00 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1

43 B
733 B

132ms
131ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCAjIgDEKCehpwDGMHriIYCMAE&v=APEucNWepHjE--XL-WJPvasOcl276PYCU65JgaqeSiyHj5eM9-D631py9m5-y7Mo2PzGO9aMlU2s6ZM_olOzhvOmkN86dFNkOaQuS10Y_8YDJVeVb7qvcag_81PKgjr25H5aDOfPCl1Z9WjQRpCdpB1Lea1VmC1vGyypd5lgUU0QDmwlOGPJMLM
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB0h5FF4kEVSiklO44cVn8uT4U2FSdd6yamFLd8If99nGzBcEnLkGIh0NkjMJSYgRDeG%2FJ3kLm2twTwAcdUkb6BP6v7QQYNblGZocNIE05f3jk0Gofz8hULvPk2nL%2BxI%2B0Vq59ZLKNsSlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccd9fff942681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0F1C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcOnW98r43C.eq8u.1.tiQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2

43 B
736 B

81ms
81ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCAjIgDEKCehpwDGMHriIYCMAE&v=APEucNWepHjE--XL-WJPvasOcl276PYCU65JgaqeSiyHj5eM9-D631py9m5-y7Mo2PzGO9aMlU2s6ZM_olOzhvOmkN86dFNkOaQuS10Y_8YDJVeVb7qvcag_81PKgjr25H5aDOfPCl1Z9WjQRpCdpB1Lea1VmC1vGyypd5lgUU0QDmwlOGPJMLM
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkdZExrGBqYS9KH%2FrOU7l1LV1GPqlWEn1YTf5txlXEqd6Uhv%2BxcoWiaWXimG%2F76yMY40gjinQkQfSpgDjMJC58bYaUAiUk7Afr%2BoYuAi5ZQOqfFB8Slb1%2BqmhaAYLdYHMxdalxEZo4glCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ccda048392681-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlTqDlbgU-KftjHu9yN7FY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0F1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

43 B
1 KB

53ms
53ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCAjIgDEKCehpwDGMHriIYCMAE&v=APEucNWepHjE--XL-WJPvasOcl276PYCU65JgaqeSiyHj5eM9-D631py9m5-y7Mo2PzGO9aMlU2s6ZM_olOzhvOmkN86dFNkOaQuS10Y_8YDJVeVb7qvcag_81PKgjr25H5aDOfPCl1Z9WjQRpCdpB1Lea1VmC1vGyypd5lgUU0QDmwlOGPJMLM

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: 0c77a0e7-6470-4c91-9276-a8fc251deba2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE00VYGGZbgHLwWCKx3Mghg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F1C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
an-x-request-uuid: 725d13dc-4903-4463-9230-2e0ac0af801c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI1Njk5OTE2MDc5NjE3MzIwMQ%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 04EE 43 KB
18 KB 195ms
76ms Script
application/javascript 162.55.81.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 162.55.81.174 Friedberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.81.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Wed, 07 Feb 2024 15:53:00 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Wed, 07 Feb 2024 18:53:00 GMT

GET
DATA 200
OK truncated
/ Frame 04EE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 774b16890cefc91391c6a5eae203566e2e6226d078339dffb1ab9f70c6da18d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/ Frame 1886 31 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:33:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11928
x-xss-protection: 0
server: cafe
etag: 10551285868935850944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 17:33:35 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1886 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMyMTE3OTM2NDY0MQogIHNlcnZlcl9pcDogMTM0MDU0NTY1CiAgcHJvY2Vzc19pZDogMzk3NzAyOTA3Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 1886 0
476 B 73ms
73ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMyMTE3OTM2NDY0MQogIHNlcnZlcl9pcDogMTM0MDU0NTY1CiAgcHJvY2Vzc19pZDogMzk3NzAyOTA3Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogNzAyMDU5MDM4MDMwMjg4OTMwNgpkZWJ1Z19rZXk6IDkzNjY4MDg1ODA1NTk3MjkwNTkKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTA3IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzI3NjgxNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM1NzY5MjIzMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTExMTc5OTc0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDk3NDMxOTQ5MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ2NzA5OTg1OQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5mciIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8ucGwiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x383c79b4db54b2830000000000000000","13":"0x8d08418958aea6250000000000000000","14":"0xa4596381904e08fb0000000000000000","15":"0x25bf45d544459e970000000000000000"},"debug_key":"9366808580559729059","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"7020590380302889306"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 1886 43 KB
18 KB 53ms
53ms Script
application/javascript 162.55.81.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 162.55.81.174 Friedberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.81.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Wed, 07 Feb 2024 15:53:00 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Wed, 07 Feb 2024 18:53:00 GMT

GET
DATA 200
OK truncated
/ Frame 1886 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50d773d4209aaa2a5d5d7865c1670d1a60e9034f437b082c342e4b9c122bbf9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 0CA9 10 KB
3 KB 129ms
44ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5411b714760f2f7e166cfe940cbe0cb6814757d0ff704828435632960f0017b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 74772
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3449
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:06:48 GMT
expires: Wed, 05 Feb 2025 19:06:48 GMT
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F949 0
0 85ms
83ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstsfAtX3iG96oQoPpjVKLFbnHTOJeV3xioUA_NomghPEIogLxeTLsYdGLLZ0AwFImWB6wGodMepr7be3A3JGWwuW5GNpLkACuFFAIB76Vm7L0fB1d3wMsw3gkZExer1pRni78DjLm__gBbW97uj8NhHkCsuI2tEx4bKHEF6so2qP51w449sN2Ef5sbpTdHAoH4yD-EwUYzlqi7itbwd2RH-Dno5la0Mxqdj12Lvxc5JnBNRzlLuJnpX3ACJGsGFEoR6e3eFa6OIz5wLXdW20USq9nXokPz2KFyDzW9a6FT6sgJKPx-MdinbzZC-tcYxTpePm6djdvfTeaQp2I1BUhdixFJR6Ap5dvT1S5j29DcuU4Gk18UAG8e3KQusm2vK3PkrHgpwZ4SbtEUE1-zuLbwAtkWjk6TX5C8W9mhaUq69wGgxi0UQuuGJKEzjM8Cnd8FwDowD_Y6Nn2kf_ynTvCxUgksJHLbpZphLQjnxQPqDF1v-bXrZQ1Ks_N20XR_yDidNrXoczyiDZRT856LZda3_qAcaK-KRDQsL68CRcUJulSh4uBGMNtwJmfoc2HUQTkdJQplcuH6hgK34Xq5mJ0NyiGbbTygMCDyT2pQc19NB3RlqQNyCCNP9Le4-imDehBS8SN-IkCqXw7KNQbS9z5aQ7DeGKFi8C62h4A5TIIpYAz_cjfpsCBerxeJELqf3Lhvxa6CwyHBUAvzrnpsj5bfZoSGfCspbGF3oEpM55uME7lz4_WRQ6EEKZF0WDIiDhlECr0QyfxOw-g0Kl2p1ULXSfzIW7f1rSgIGeJ8Zlwd-NAMlj2WTI6cBlRwOF-RQjjJ36n8GJ78nJMNgZWlfC4o-ibFxuQiI7_dg2hop5bZ5_4rcqlQiG3VyJdQOAT6a_nCNNY4eUwKSoEoTTAEbwcKRpb4SkPcBkNeAb3HPPE-Aj8j2K9Pd5qJt8Lp2z1Oy7kwguMqGs8DQBoo7XxXjvaZ5AyyArVbN0bEVgX06YXDi8xdbOya9EF1PI-WBCLekb-tqemk50wusFG18ERebRf-UnEAFuEBXKB_Dtj_tM1fpNaLn65g2PedwyNf0LOjU1lsuiXYb066qfg8BLEcguVI32UDF4p5xBoTRDFyL5pSyrEHgtKutp4SbhxycEeZFqioJzqmLNG2bsLO0wfsY-Zvb0fqhugxTCM9SsgGrKQfcbpoRb22vB_2kTTAVANlT76NrDoiFSqYwQkT4Lp3oUXmiNUERBXewmTMtjkCV1VEyxbrZ838duLlyhgP5I6m5TFMDdUjyD6nfPoSumwi0LkOvz-RhG877ppZ7kFgUPKZV50gSX8G3wz78u2Pyy7thFybBW47uzu-r_wcJwMoUcv8cRLBrdOk5b-aPfJhc&sai=AMfl-YS-acNQp9awYR-heXo2GZK6hUkABZ4_wMVzuJU87Xm794bXbGMK9RmNYX6gEhM4XXJD4KC-95GYR_wVAVVIgxRhotYYhkRywvq7GIMXy1d2GdoehZRF33G0Hvbu2GZaCB8l8PSwYXKyAKJtoDOoqd1Kqnpsp35sbk_DPQbv2mVDaJkboBLDZ57Pn6ZpqXg-Rq2t4ZnrNU3_4l8Uq2SiznJ0isgUHkmkE-zqAbfYyhCqfqF4QpiYA3UkkRgkWZsMa7lApHdA3STeLFcT0GIETOf74qlC01DhZPs92VgTJPhVRiscD0cvGYni18jOhax4dwo8zdQyhWXZ7NejZyP58hoOOPNLDNBczgAoWHNPj9X_OP0xk-hmhjruCypwdNhtZExpvyHCBiqzTy9F-IpHO6LsAyYxtS8PmjgwwJ2k1zL6pnNaoXv_Kblsb1HyF3usIvWOvFx0ptsRdiDiiXxoB9SIsxEMZM2f8BVY7ZuZyio8Wn22F9C2Wk_1iA0mO0-LpGPQBZs&sig=Cg0ArKJSzHY5Ui0u5uuGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGQyLmRlLGh0dHBzOi8vZWJheS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=673&cbvp=1&cstd=663&cisv=r20240205.76474&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:53:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 64A8 10 KB
3 KB 79ms
42ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5411b714760f2f7e166cfe940cbe0cb6814757d0ff704828435632960f0017b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 74772
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3449
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 19:06:48 GMT
expires: Wed, 05 Feb 2025 19:06:48 GMT
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame DF3C 0
0 84ms
83ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssO3mi_bn4-6r5rIkBNtVs4akc__bg36v07z_rKiGaQJ-clEW1AJKeUlHuxt0ZLnq-nTlvwApi_gs09EJ5VQyhVAuN3Rb5VVu8grtMlzgBeSRjDcz2yL-IGPa99Pwb_WjW0TOMWaHuDTPZ4uDsCYX2tvwuSCzz9tsYro8_ujrxR-j5acGQEODhNBTNnFP-qemVXhrxR32v1Y9j_GBzJpyG8NPzcBq9YzhjlJefeZiIGtLAT7NBjZOPPhEpAxyKn6Ovjjd0j6v5vYgMSCmJVEm03vi2lE3Xj_q-LsicCgDcqXkYGv5W_7RkVxObV64cufqMuqm9Y3DkflmH5Dzbajq664YKgiR8qLxix-_j2VmzXwyzGXpRJUa1MV3xaFMZW3g99is2BceDiozIp4HhSw-GP-PYVwrsXFJpxgZpAjA0NGaP1qDGgG38E20FHgDyYib8qHUHb5ZgDfQ9UejSaJwnq-oNN0t3H-wlG65zJOyldvBSYehptmMlcSQB-ROMtVomZ_x87YZTlTxulGKC6DlNFGvuuPsygocLwnIhOwMyZ6MfS8apZi1ZA1TkQ8pDS_AD5Vyam7PSxurDNPTSMuVU0KNqe0YgN1af344fEMUUVhSvQWoeGfz8fEhWD5J1VeGkxmDnpY65fh9PL6Z2aKZ42uFbqBa_VvsIctAtFY7P9bvVwWqeWvV4RPu6HMv00FTAIGTSEs5wWblwv821a1pAv20eTXOuKO3BFwb58Waz9R9zPVL4YBDAOh28AW_m9cIvqVHZCakJ2zf27aq-z5xAQQqrRsCiHeoBLffFJzLPhs5miA_aYwi_f9FQ0gd4XsiQrJAYSDuxFZ2Z6lEPUIuJecSbjWOcik6-LnKqm3TKY2wETym_AU2Na0iLG6ZGOCm8Ljla0a_lquhqhCkVdFu5YeETJBGSzGslOMx9yG4yIiJ6FDd12_P5sbtOVdjlL4Y9JfLJGGhFdLmHfrz-DXUNDJjQy81_BWSLVtnWOou6jFDZu7mH6GAdgsVaPjs2q4v45ylTtWmR-f3R6DTK3vQz3Dfb9-urI7SLOzs69w0a4yy_VdJLkzVUr9YdTDDU5-YSK-77Jhe7yvKR8CplxkOiSjmyCwpKU8w0NU-dTzG5nUUsGKlDrp_eUyHh4o45pP12L35qdOjevN35AkGGXA12zc46WjFbkQl0BtPMCjWmZ63vUTWQpiOZHBk1I6k_426kz6WnlAfBhAgi99mPU-xpDA3ikxTg8iJWcEgXtLKOZTNcpsAMsZBGy_Ps76FF_aD0gR0WFVkaC2EowxAGjzgBNmpLIIhiByvA1Npxs5ivBN0FYto-haNUkuNEBoR6cLvSwiOTsQ4VnNrGp3Gs2fdcocEKrgcqsdtC5LFvg&sai=AMfl-YSZAV0FDBMhnzluQkorQgXPMKOXTpISz8XiQSwBY0LkDFnqInHwJAVNbZYb_KytI2tPk4W21TbaTtp4fk6SPlzEeEHCD9wGR84nNMYcRUPJQrHT4iowleCv053PUOWiwSVksNqWf_OWeD8WbS8m8m3eu88FpyC1EWzr90vnvFfHoipDFq9Qy800ZCGaW_Bqm6d7KaNXzYxNliX9ZAz3i5B9hlmuyBgbhv4X7JtUfTeNCnzk9tkq5ag9fVC-I4xw2dVEwIfo_l6t90eCq9neo5r_36V-tTssFCNyC4hcaZtnDqSKCAShuEpAOwOgvI6mIASSn_e8h_llgKnn4f7BQh81GKXpCUJX_6bpWDnbg_zWnMjaRADfSa383uPgjcpmNnwnGsL9GYSd9RomsPqz5rn7SCwdWvw9ed9hdL7W6-bbmlqAGeLf8--RQtx90-NK_zbg7s8jTKHWhBlnyVRUSBgWfN30ZGX4tx5vzCX1iTHAiPUEnrYFr1x9tkwXrHfTrk3AwvA&sig=Cg0ArKJSzIh_hdJwyIK9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGQyLmRlLGh0dHBzOi8vZWJheS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=555&cbvp=1&cstd=548&cisv=r20240205.94222&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:53:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9191 0
0 72ms
72ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402010101&jk=2104438410499588&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7ED5 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1CD3 39 KB
11 KB 42ms
41ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 704736337e4fc877b25b5dd24b6efaccdeadf0f3730d3a01b40897f38b7f150e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 15:53:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2024 18:36:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9802
Connection: keep-alive
Content-Length: 10921
Expires: Wed, 07 Feb 2024 18:36:22 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DCA4 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5166569052526308556/ Frame 0063 37 KB
13 KB 49ms
48ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5166569052526308556/index.html?ev=01_250

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b6bc0dcec89bd1bcbb3519273f8de9135da30b3684f184e65c772830e45ad92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 427934
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 13172
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 17:00:46 GMT
expires: Sat, 01 Feb 2025 17:00:46 GMT
last-modified: Mon, 29 Jan 2024 16:38:23 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 3F9B 0
0 82ms
81ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstinKEgiAOFQc0DYI7xMmKQu7ljgBFyE6zvqshWG2mQliqJmyLmlnCbXmQq58xIp-aicQNejSnlDV0UAAmw5pJ7fkYPE7F9CcIko9K5VoHuL7arJhjFsFK9eSS7yajhe_7Nuhp40Xd1GTkZ1CyP8XfCwA-LVPl9M1aFaKSrf4BLQxySn3LlGlGQhGXHqUjUUd3y-42I7-WXLUuMvro0X3CS0JWY2paToUhwlOk4lhYPFsu9mWOWaOxkB2ixKJVS-t0HEvLeTriFzCTF4ee6H417sdX8ikSONa-ClyNr5iBziJNM1h1ABzA4-83jCXeBHOKhERFbGWxIX3x8veS05UQXq5WtaojvNILY_0BvaBO22yY_M_Dae6tinWmjFv2AhPxynFvIcCbahxhZk1SVb0N6ktJxn8fOWOKhv9CEzh3CrZ8q8gLzhVLTx6GP2RsP7vJe4x2d0e8p9tvN2Caypt5AwC1OJG9-eU-_QJj0tykjMxO3tK4ekj6zNXZTZBOMZDYQRnnQInCTGpEfZmWXF2tf_4OKvdBxPxBJJG-1m_yhxI8ogCXtWT4KuHVCRF8YotapLFt7Ggn2oHwlNXvHN345t5u6engPJWt6jw9IPTfsBU-80kPI2FEFgYNwj4fqammvKcmdjnbvyEQaB8l__OaxPfnWJUDoONOR5h-sAP7etBF595Igggcd1eHueLRI5uzrb9fqARxQ8dQf3hc1bgeoj9-vq5K87KL-ROcjotD0NtC1Hxy9FxFAYSFhaadGzwYQ2QDSQQRpAPzyoMoiZo8B70A46h0W8U9lTBvTVf6EiT2IAs97SrXsisAOBQuZPRFl0yoIJnE8Ji7SqoNaneAUYKjzQRCt1KMbXN6WPSgNAX6IjGHEWQcKf_JbCtoL5DIF5EXGCD9JnJrjk81s-UdD4kf9SctsHLjqyoP1xGY6ePH3-xCkCAYfq_p6ya0y5RMROPs3FIrEbOVTNHzPoCXDocbXdaecjotQYNAbsg4cd3duYo7hNoqn4YcZswqSc-jWF32bqzc8odIWUf1IsuW9k1_YSjlO9HahIqIfA2_LdV3MAfKSWRjTHrGwQTzn7a6605aNPg130YldLoJYTT8EgcJDB_NyCu1YBO6S1t-De1Va0D6XR7d2Z5BDwrfZ2bhL3CHRKFdH7fxIyiQ3it30w7Soey4yLa6sf__QXxUxTjv_SLlVriYjok-NXF2nzaTtNdXwB324dZ0JN5w8dTSzvIoT9mFWXIV2zj4qsC0OSqb17U7he3S6suDBNJyerGsKH4Z9ajsYEjKTOGTEcu8FBmtj_L06AWgYLxZKuQ8jHUxzLsvGWLNoWuZvqwUUg81Wc_wunH4jRZBqvFURIwuqS_UR1HSCdrAufz1z8yS7KCQ5nstfTyQ&sai=AMfl-YS3CTQQtr2lGnT-Z2HsqWupLLG37Tnnc7_UHZUHVSZTX6cpsg9rWVm0Lcv2M7i9x4gLEup_hZAcXTT8wTu74LnZts0PE9t8qLtWzIGi_A8iUrGguG8Hcg4FzkouuQHNTaJBsgxPD7VAPRwlqnCZOJ2eZnlYLcmafZI_kvKtQ2sh_vhpOMsRC_1SvGiyEQJEODkEO_8PyLNeP3qTCplwyGyQx20Df4IU6BwFg8WmI2ghSkAKyzvoyfcnvRin2zLos1lSALKlsZ0RsYgkMVb4B-0sJe6F_8WEdbGOxBSYFyNkwIEAprFxGBCrTncvocpp56ceOQ050e7c2jE4yRpEGGae3EfNOjzjMYBygYgvLXvoiZb-Lea8L3P7ORpW3T5t89Poso1zMfTKjZ02S3RPObL1WUboAdgRE6s8limjCHHL9EohpjEJUx2VKwCtHkSDtN6wVGJVFk_vRkPZ26F2lhBsOdCKw22xnaU9wzoDGE5aWESpTe5VLvRRMX87aZ2EMPrngIc&sig=Cg0ArKJSzKYneXQUywRyEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tYXJpZWpvLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=451&cbvp=1&cstd=443&cisv=r20240205.77216&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:53:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A55A 0
39 B 50ms
49ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60560974&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:52:59 GMT
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C9FB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
53ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:53:00 GMT
expires: Wed, 07 Feb 2024 15:53:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:53:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4A4D 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F3A5 38 KB
13 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 64A8 236 KB
63 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Feb 2024 15:53:00 GMT

GET
H3 200 min.js Show response
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 64A8 68 KB
13 KB 40ms
39ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f33456503f52385557dc2394f9c3ef8a6022b537f7d83b3d624f6d3f7983478c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:57:25 GMT
date: Tue, 06 Feb 2024 18:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13014
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0CA9 236 KB
63 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Feb 2024 15:53:00 GMT

GET
H3 200 min.js Show response
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 0CA9 68 KB
13 KB 60ms
60ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f33456503f52385557dc2394f9c3ef8a6022b537f7d83b3d624f6d3f7983478c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:57:25 GMT
date: Tue, 06 Feb 2024 18:57:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13014
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js Show response
pagead2.googlesyndication.com/bg/ Frame BDF1 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 12:58:28 GMT

GET
H3 200 pOkZermKdcwvcdfsJauNAZYLsZag1OhXX1s4zePfrzc.js Show response
pagead2.googlesyndication.com/bg/ Frame 45CD 50 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/pOkZermKdcwvcdfsJauNAZYLsZag1OhXX1s4zePfrzc.js

Requested by

Host: hayat.ba
URL: https://hayat.ba/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4e9197ab98a75cc2f71d7ec25ab8d01960bb196a0d4e8575f5b38cde3dfaf37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19519
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 18:13:15 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5F97 38 KB
13 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1CD3 7 B
380 B 524ms
41ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 04EE 20 KB
7 KB 482ms
40ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 5a1ddbeff783a01f29d36d8bb187a62d9cc8fffe95616aba3cd5fc080b9e16d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 22:00:05 GMT
server: ECS (frb/6762)
age: 561
etag: "65b036e5-4e4e+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7257
expires: Wed, 07 Feb 2024 16:03:00 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 15A0 2 KB
1 KB 475ms
39ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 287
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Wed, 07 Feb 2024 15:53:00 GMT
etag: "64e382fe-744+gzip"
expires: Wed, 07 Feb 2024 16:03:00 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 1886 20 KB
7 KB 463ms
46ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 5a1ddbeff783a01f29d36d8bb187a62d9cc8fffe95616aba3cd5fc080b9e16d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 22:00:05 GMT
server: ECS (frb/6762)
age: 561
etag: "65b036e5-4e4e+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7257
expires: Wed, 07 Feb 2024 16:03:00 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 82F0 2 KB
1002 B 457ms
45ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2F1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 287
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Wed, 07 Feb 2024 15:53:00 GMT
etag: "64e382fe-744+gzip"
expires: Wed, 07 Feb 2024 16:03:00 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 imageswoee4zx4cneygldd71hf.png
s0.2mdn.net/sadbundle/5166569052526308556/ Frame 0063 4 KB
4 KB 40ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5166569052526308556/imageswoee4zx4cneygldd71hf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5166569052526308556/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7fe18b7f054ef1a7b9896cbf621e6af957dc5876a432184aa10342f855aebfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5166569052526308556/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Sat, 01 Feb 2025 17:00:46 GMT
date: Fri, 02 Feb 2024 17:00:46 GMT
x-content-type-options: nosniff
age: 427934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4344
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 16:38:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6f923076e69354fdec014ceafe6b2ff6.jpg
s0.2mdn.net/sadbundle/5166569052526308556/ Frame 0063 16 KB
16 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5166569052526308556/6f923076e69354fdec014ceafe6b2ff6.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5166569052526308556/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c11129f58a06c71060a4087c2d3683e3cd25dfd7bc0c1c4c3b43b3cd0e9792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5166569052526308556/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Sat, 01 Feb 2025 17:00:46 GMT
date: Fri, 02 Feb 2024 17:00:46 GMT
x-content-type-options: nosniff
age: 427934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16107
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 16:38:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0063 10 KB
10 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7532022ffcdc7f3b6851e29d8e4c11910b505e90b9e94fc2cc6ed4b5b8cd611d

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: font/truetype;charset=utf-8

GET
H3 200 i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7ED5 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 12:58:28 GMT

GET
H3 200 i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js Show response
pagead2.googlesyndication.com/bg/ Frame DCA4 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 12:58:28 GMT

GET
H3 200 i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A4D 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 12:58:28 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 3F9B 0
0 80ms
80ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstinKEgiAOFQc0DYI7xMmKQu7ljgBFyE6zvqshWG2mQliqJmyLmlnCbXmQq58xIp-aicQNejSnlDV0UAAmw5pJ7fkYPE7F9CcIko9K5VoHuL7arJhjFsFK9eSS7yajhe_7Nuhp40Xd1GTkZ1CyP8XfCwA-LVPl9M1aFaKSrf4BLQxySn3LlGlGQhGXHqUjUUd3y-42I7-WXLUuMvro0X3CS0JWY2paToUhwlOk4lhYPFsu9mWOWaOxkB2ixKJVS-t0HEvLeTriFzCTF4ee6H417sdX8ikSONa-ClyNr5iBziJNM1h1ABzA4-83jCXeBHOKhERFbGWxIX3x8veS05UQXq5WtaojvNILY_0BvaBO22yY_M_Dae6tinWmjFv2AhPxynFvIcCbahxhZk1SVb0N6ktJxn8fOWOKhv9CEzh3CrZ8q8gLzhVLTx6GP2RsP7vJe4x2d0e8p9tvN2Caypt5AwC1OJG9-eU-_QJj0tykjMxO3tK4ekj6zNXZTZBOMZDYQRnnQInCTGpEfZmWXF2tf_4OKvdBxPxBJJG-1m_yhxI8ogCXtWT4KuHVCRF8YotapLFt7Ggn2oHwlNXvHN345t5u6engPJWt6jw9IPTfsBU-80kPI2FEFgYNwj4fqammvKcmdjnbvyEQaB8l__OaxPfnWJUDoONOR5h-sAP7etBF595Igggcd1eHueLRI5uzrb9fqARxQ8dQf3hc1bgeoj9-vq5K87KL-ROcjotD0NtC1Hxy9FxFAYSFhaadGzwYQ2QDSQQRpAPzyoMoiZo8B70A46h0W8U9lTBvTVf6EiT2IAs97SrXsisAOBQuZPRFl0yoIJnE8Ji7SqoNaneAUYKjzQRCt1KMbXN6WPSgNAX6IjGHEWQcKf_JbCtoL5DIF5EXGCD9JnJrjk81s-UdD4kf9SctsHLjqyoP1xGY6ePH3-xCkCAYfq_p6ya0y5RMROPs3FIrEbOVTNHzPoCXDocbXdaecjotQYNAbsg4cd3duYo7hNoqn4YcZswqSc-jWF32bqzc8odIWUf1IsuW9k1_YSjlO9HahIqIfA2_LdV3MAfKSWRjTHrGwQTzn7a6605aNPg130YldLoJYTT8EgcJDB_NyCu1YBO6S1t-De1Va0D6XR7d2Z5BDwrfZ2bhL3CHRKFdH7fxIyiQ3it30w7Soey4yLa6sf__QXxUxTjv_SLlVriYjok-NXF2nzaTtNdXwB324dZ0JN5w8dTSzvIoT9mFWXIV2zj4qsC0OSqb17U7he3S6suDBNJyerGsKH4Z9ajsYEjKTOGTEcu8FBmtj_L06AWgYLxZKuQ8jHUxzLsvGWLNoWuZvqwUUg81Wc_wunH4jRZBqvFURIwuqS_UR1HSCdrAufz1z8yS7KCQ5nstfTyQ&sai=AMfl-YS3CTQQtr2lGnT-Z2HsqWupLLG37Tnnc7_UHZUHVSZTX6cpsg9rWVm0Lcv2M7i9x4gLEup_hZAcXTT8wTu74LnZts0PE9t8qLtWzIGi_A8iUrGguG8Hcg4FzkouuQHNTaJBsgxPD7VAPRwlqnCZOJ2eZnlYLcmafZI_kvKtQ2sh_vhpOMsRC_1SvGiyEQJEODkEO_8PyLNeP3qTCplwyGyQx20Df4IU6BwFg8WmI2ghSkAKyzvoyfcnvRin2zLos1lSALKlsZ0RsYgkMVb4B-0sJe6F_8WEdbGOxBSYFyNkwIEAprFxGBCrTncvocpp56ceOQ050e7c2jE4yRpEGGae3EfNOjzjMYBygYgvLXvoiZb-Lea8L3P7ORpW3T5t89Poso1zMfTKjZ02S3RPObL1WUboAdgRE6s8limjCHHL9EohpjEJUx2VKwCtHkSDtN6wVGJVFk_vRkPZ26F2lhBsOdCKw22xnaU9wzoDGE5aWESpTe5VLvRRMX87aZ2EMPrngIc&sig=Cg0ArKJSzKYneXQUywRyEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tYXJpZWpvLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=706&vt=11&dtpt=255&dett=3&cstd=443&cisv=r20240205.77216&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 15:53:00 GMT

POST node.php
node.setupad.com/node/ 0
0

GET
H3 200 i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js Show response
pagead2.googlesyndication.com/bg/ Frame F3A5 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 12:58:28 GMT

GET
H3 200 i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F97 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 12:58:28 GMT

GET
H3 200 ebay_schatten_blur.png
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 64A8 5 KB
5 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/ebay_schatten_blur.png?1703000159124

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0016e81c084362ca54189c706b9023b74e9a50249f6b36b7c731af295fd81795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:51:52 GMT
date: Tue, 06 Feb 2024 18:51:52 GMT
x-content-type-options: nosniff
age: 75668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4685
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame DF3C 0
0 73ms
73ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssO3mi_bn4-6r5rIkBNtVs4akc__bg36v07z_rKiGaQJ-clEW1AJKeUlHuxt0ZLnq-nTlvwApi_gs09EJ5VQyhVAuN3Rb5VVu8grtMlzgBeSRjDcz2yL-IGPa99Pwb_WjW0TOMWaHuDTPZ4uDsCYX2tvwuSCzz9tsYro8_ujrxR-j5acGQEODhNBTNnFP-qemVXhrxR32v1Y9j_GBzJpyG8NPzcBq9YzhjlJefeZiIGtLAT7NBjZOPPhEpAxyKn6Ovjjd0j6v5vYgMSCmJVEm03vi2lE3Xj_q-LsicCgDcqXkYGv5W_7RkVxObV64cufqMuqm9Y3DkflmH5Dzbajq664YKgiR8qLxix-_j2VmzXwyzGXpRJUa1MV3xaFMZW3g99is2BceDiozIp4HhSw-GP-PYVwrsXFJpxgZpAjA0NGaP1qDGgG38E20FHgDyYib8qHUHb5ZgDfQ9UejSaJwnq-oNN0t3H-wlG65zJOyldvBSYehptmMlcSQB-ROMtVomZ_x87YZTlTxulGKC6DlNFGvuuPsygocLwnIhOwMyZ6MfS8apZi1ZA1TkQ8pDS_AD5Vyam7PSxurDNPTSMuVU0KNqe0YgN1af344fEMUUVhSvQWoeGfz8fEhWD5J1VeGkxmDnpY65fh9PL6Z2aKZ42uFbqBa_VvsIctAtFY7P9bvVwWqeWvV4RPu6HMv00FTAIGTSEs5wWblwv821a1pAv20eTXOuKO3BFwb58Waz9R9zPVL4YBDAOh28AW_m9cIvqVHZCakJ2zf27aq-z5xAQQqrRsCiHeoBLffFJzLPhs5miA_aYwi_f9FQ0gd4XsiQrJAYSDuxFZ2Z6lEPUIuJecSbjWOcik6-LnKqm3TKY2wETym_AU2Na0iLG6ZGOCm8Ljla0a_lquhqhCkVdFu5YeETJBGSzGslOMx9yG4yIiJ6FDd12_P5sbtOVdjlL4Y9JfLJGGhFdLmHfrz-DXUNDJjQy81_BWSLVtnWOou6jFDZu7mH6GAdgsVaPjs2q4v45ylTtWmR-f3R6DTK3vQz3Dfb9-urI7SLOzs69w0a4yy_VdJLkzVUr9YdTDDU5-YSK-77Jhe7yvKR8CplxkOiSjmyCwpKU8w0NU-dTzG5nUUsGKlDrp_eUyHh4o45pP12L35qdOjevN35AkGGXA12zc46WjFbkQl0BtPMCjWmZ63vUTWQpiOZHBk1I6k_426kz6WnlAfBhAgi99mPU-xpDA3ikxTg8iJWcEgXtLKOZTNcpsAMsZBGy_Ps76FF_aD0gR0WFVkaC2EowxAGjzgBNmpLIIhiByvA1Npxs5ivBN0FYto-haNUkuNEBoR6cLvSwiOTsQ4VnNrGp3Gs2fdcocEKrgcqsdtC5LFvg&sai=AMfl-YSZAV0FDBMhnzluQkorQgXPMKOXTpISz8XiQSwBY0LkDFnqInHwJAVNbZYb_KytI2tPk4W21TbaTtp4fk6SPlzEeEHCD9wGR84nNMYcRUPJQrHT4iowleCv053PUOWiwSVksNqWf_OWeD8WbS8m8m3eu88FpyC1EWzr90vnvFfHoipDFq9Qy800ZCGaW_Bqm6d7KaNXzYxNliX9ZAz3i5B9hlmuyBgbhv4X7JtUfTeNCnzk9tkq5ag9fVC-I4xw2dVEwIfo_l6t90eCq9neo5r_36V-tTssFCNyC4hcaZtnDqSKCAShuEpAOwOgvI6mIASSn_e8h_llgKnn4f7BQh81GKXpCUJX_6bpWDnbg_zWnMjaRADfSa383uPgjcpmNnwnGsL9GYSd9RomsPqz5rn7SCwdWvw9ed9hdL7W6-bbmlqAGeLf8--RQtx90-NK_zbg7s8jTKHWhBlnyVRUSBgWfN30ZGX4tx5vzCX1iTHAiPUEnrYFr1x9tkwXrHfTrk3AwvA&sig=Cg0ArKJSzIh_hdJwyIK9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGQyLmRlLGh0dHBzOi8vZWJheS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=951&vt=11&dtpt=396&dett=3&cstd=548&cisv=r20240205.94222&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 15:53:00 GMT

POST node.php
node.setupad.com/node/ 0
0

GET
H3 200 ebay_schatten_blur.png
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 0CA9 5 KB
5 KB 39ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/ebay_schatten_blur.png?1703000159124

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0016e81c084362ca54189c706b9023b74e9a50249f6b36b7c731af295fd81795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:51:52 GMT
date: Tue, 06 Feb 2024 18:51:52 GMT
x-content-type-options: nosniff
age: 75668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4685
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame F949 0
0 74ms
73ms Fetch
image/gif 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstsfAtX3iG96oQoPpjVKLFbnHTOJeV3xioUA_NomghPEIogLxeTLsYdGLLZ0AwFImWB6wGodMepr7be3A3JGWwuW5GNpLkACuFFAIB76Vm7L0fB1d3wMsw3gkZExer1pRni78DjLm__gBbW97uj8NhHkCsuI2tEx4bKHEF6so2qP51w449sN2Ef5sbpTdHAoH4yD-EwUYzlqi7itbwd2RH-Dno5la0Mxqdj12Lvxc5JnBNRzlLuJnpX3ACJGsGFEoR6e3eFa6OIz5wLXdW20USq9nXokPz2KFyDzW9a6FT6sgJKPx-MdinbzZC-tcYxTpePm6djdvfTeaQp2I1BUhdixFJR6Ap5dvT1S5j29DcuU4Gk18UAG8e3KQusm2vK3PkrHgpwZ4SbtEUE1-zuLbwAtkWjk6TX5C8W9mhaUq69wGgxi0UQuuGJKEzjM8Cnd8FwDowD_Y6Nn2kf_ynTvCxUgksJHLbpZphLQjnxQPqDF1v-bXrZQ1Ks_N20XR_yDidNrXoczyiDZRT856LZda3_qAcaK-KRDQsL68CRcUJulSh4uBGMNtwJmfoc2HUQTkdJQplcuH6hgK34Xq5mJ0NyiGbbTygMCDyT2pQc19NB3RlqQNyCCNP9Le4-imDehBS8SN-IkCqXw7KNQbS9z5aQ7DeGKFi8C62h4A5TIIpYAz_cjfpsCBerxeJELqf3Lhvxa6CwyHBUAvzrnpsj5bfZoSGfCspbGF3oEpM55uME7lz4_WRQ6EEKZF0WDIiDhlECr0QyfxOw-g0Kl2p1ULXSfzIW7f1rSgIGeJ8Zlwd-NAMlj2WTI6cBlRwOF-RQjjJ36n8GJ78nJMNgZWlfC4o-ibFxuQiI7_dg2hop5bZ5_4rcqlQiG3VyJdQOAT6a_nCNNY4eUwKSoEoTTAEbwcKRpb4SkPcBkNeAb3HPPE-Aj8j2K9Pd5qJt8Lp2z1Oy7kwguMqGs8DQBoo7XxXjvaZ5AyyArVbN0bEVgX06YXDi8xdbOya9EF1PI-WBCLekb-tqemk50wusFG18ERebRf-UnEAFuEBXKB_Dtj_tM1fpNaLn65g2PedwyNf0LOjU1lsuiXYb066qfg8BLEcguVI32UDF4p5xBoTRDFyL5pSyrEHgtKutp4SbhxycEeZFqioJzqmLNG2bsLO0wfsY-Zvb0fqhugxTCM9SsgGrKQfcbpoRb22vB_2kTTAVANlT76NrDoiFSqYwQkT4Lp3oUXmiNUERBXewmTMtjkCV1VEyxbrZ838duLlyhgP5I6m5TFMDdUjyD6nfPoSumwi0LkOvz-RhG877ppZ7kFgUPKZV50gSX8G3wz78u2Pyy7thFybBW47uzu-r_wcJwMoUcv8cRLBrdOk5b-aPfJhc&sai=AMfl-YS-acNQp9awYR-heXo2GZK6hUkABZ4_wMVzuJU87Xm794bXbGMK9RmNYX6gEhM4XXJD4KC-95GYR_wVAVVIgxRhotYYhkRywvq7GIMXy1d2GdoehZRF33G0Hvbu2GZaCB8l8PSwYXKyAKJtoDOoqd1Kqnpsp35sbk_DPQbv2mVDaJkboBLDZ57Pn6ZpqXg-Rq2t4ZnrNU3_4l8Uq2SiznJ0isgUHkmkE-zqAbfYyhCqfqF4QpiYA3UkkRgkWZsMa7lApHdA3STeLFcT0GIETOf74qlC01DhZPs92VgTJPhVRiscD0cvGYni18jOhax4dwo8zdQyhWXZ7NejZyP58hoOOPNLDNBczgAoWHNPj9X_OP0xk-hmhjruCypwdNhtZExpvyHCBiqzTy9F-IpHO6LsAyYxtS8PmjgwwJ2k1zL6pnNaoXv_Kblsb1HyF3usIvWOvFx0ptsRdiDiiXxoB9SIsxEMZM2f8BVY7ZuZyio8Wn22F9C2Wk_1iA0mO0-LpGPQBZs&sig=Cg0ArKJSzHY5Ui0u5uuGEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGQyLmRlLGh0dHBzOi8vZWJheS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1124&vt=11&dtpt=451&dett=3&cstd=663&cisv=r20240205.76474&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 15:53:00 GMT

POST node.php
node.setupad.com/node/ 0
0

GET
H3 200 lasseslos_schatten.png
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 64A8 5 KB
5 KB 41ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/lasseslos_schatten.png?1703000159124

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b5e86ca512799aa86b6b1e9d5e31f063c1c054012b707d03c0cc4afc6f692e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 19:11:47 GMT
date: Tue, 06 Feb 2024 19:11:47 GMT
x-content-type-options: nosniff
age: 74473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5084
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 lasseslos_schatten.png
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 0CA9 5 KB
5 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/lasseslos_schatten.png?1703000159124

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b5e86ca512799aa86b6b1e9d5e31f063c1c054012b707d03c0cc4afc6f692e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 19:11:47 GMT
date: Tue, 06 Feb 2024 19:11:47 GMT
x-content-type-options: nosniff
age: 74473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5084
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BDF1 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?V53c0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 64A8 51 KB
51 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/visual.jpg?1703000159124

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54d5a0cac8cdcec230f983af5f8911319e1413035fa928dd2aa7ad420b69566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:48:04 GMT
date: Tue, 06 Feb 2024 18:48:04 GMT
x-content-type-options: nosniff
age: 75896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51816
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/17082309483613358229/ Frame 0CA9 51 KB
51 KB 54ms
53ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17082309483613358229/visual.jpg?1703000159124

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54d5a0cac8cdcec230f983af5f8911319e1413035fa928dd2aa7ad420b69566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17082309483613358229/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:48:04 GMT
date: Tue, 06 Feb 2024 18:48:04 GMT
x-content-type-options: nosniff
age: 75896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51816
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 17:32:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 tag236628 Show response
ads.revjet.com/ Frame 04EE 245 KB
40 KB 54ms
53ms Script
text/javascript 162.55.81.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236628?_plc_id=111757034&_key=1d8&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCg0UiWKfDZc3oN9yL1PIPoZirgAf02-DWddz_8cilErv57JCCAhABIP-o7JoBYJXCmoKsB6ABuayQiynIAQmpAr61OiB4DrI-qAMByAObBKoE4AFP0Px3tYbikJbuojby5zZd1Vh3AEw2SNDttccXEsKR2I2bnNzZgmbl504IW99_ObX4ENpvNJbhw4AHsgnOji-pKtIsO8V8-xVbwMht9K8QrWXK9Sd1Ax0Xd0SecZbvDCA-Vojvz6WO1DmtH5T3p1Pt8tpnwC3ZuK541mUPgNnSDhDYmdMyN7CYR8a0PB8dAmM8Ytl166xQmTNdZ8MMZ5NKkTRG1LvWPVfVmOLRZAMBByJBH33qG5iaqCC5NsvK_AdSDXK4VdBtL8O1AU270BkFYCd_abUW2kj7yJ4q-MaII8AEloDxi9wE4AQDiAWC76qRTpAGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYy5yPgsuZhAOACgOYCwHICwGADAGqDQJEReINEwiXjZCCy5mEAxXcBVUIHSHMCnCwE4erzBbYEw2IFAbYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB%26sig%3DAOD64_3W8LLaL41Go-o__7Ms9Vh4FjLjOw%26client%3Dca-pub-7724630844590044%26dbm_c%3DAKAmf-CUL_dBUsBH0D1L5chqZMFizfZpE8xdLyuekBwA9JVfW-XEV7Twqg0DfpLFgYZli2qoNtnDSSjCDl6YocmDzhq0cJuK7a-MRxtPJvC_U3mZ-BnI7kfBUC-m-1egHfwcpDv3TKRJ3eQOmYu96Db_cuHUduSHmuqePByjIGiCylSmAqhrr8c%26cry%3D1%26dbm_d%3DAKAmf-DxZqoQzgdHJ-F_pwDLeb6h-z9zc5NH9RYkAh1CcZca-hBFEl9DvgMVStJig5hDAVgH3hPJpX0bAjTm__EiOjpDgQfkmPidGQAqWLLrpN3DC0dlJEijyglYsbyaoBaL1rnAEavi90kQsXc_mYq0HafWVF59Y7xm02YvspKNGPaec_1Eb0E7nwXQJUrtH3pFaetrsZdYkgXWgeRKccCzKywdFoMuggS46orBOfx4zI1VQbjv4RK3revnoh9V-p5Y07Tc05F2Xk18VISMCTci1g6UUo8gPKrJgvsCGD4Qfur6JFe9QU50FiCWAkPpUT7Jrvg5bxp_XVX4wOAYwh3OooaS5kaFJE0TT1nC30nC76berbbZ1E8msMXd_r2Ho5SfryyryESdjChXXfBLBfgZG1tcWjPfYCEl4931k5b9TvJ70M4mIfhHTwq8dt34B4_YLyDY_56qeZ9mRFBSD1P2m9NzaO43S415xkzJxI-bQc2OymIVAzn1eBnN9MhLfYc7BvpNr9mBgiQspRdDq8hiaRxBKnTmq-xhsWClzZu0EeQZJmMeq58%26adurl%3D&dv360_cmp_id=20974319490&dv360_li_id=1015590269&dv360_crv_id=467117127&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fhayat.ba%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=31bf784bea3283c38c8e_1707321181077&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fhayat.ba&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1707321181099
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 162.55.81.174 Friedberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.81.55.162.clients.your-server.de
Software: nginx /
Resource Hash: ca46c87f667a6d12edd9ff742b484a702351dbd4adee1c63aac94693dcff6070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:01 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: adscsp1-1.sde10530
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 tag236635 Show response
ads.revjet.com/ Frame 1886 255 KB
42 KB 122ms
122ms Script
text/javascript 162.55.81.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236635?_plc_id=111757046&_key=ac3&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMBPoWKfDZc7oN9yL1PIPoZirgAf02-DWdaSB8silErv57JCCAhABIP-o7JoBYJXCmoKsB6ABuayQiynIAQmpAr61OiB4DrI-qAMByAObBKoE4gFP0F03hRLfvNswjRscAo_gtQhLWI1wGUDNFMX9nfVmBjuxDoUdtva1xRAY254rLDnl4GEZa9QuTvybxJXBDd1o5vRzTLkmktJ9J1Y_1ti84vvHyhOFyMmcyIDEd8XWbYjX82ijfeWabRxR-5AYmxPw_poErxT82h1Ql-upwWho_MR5_F6F6xZGVPDBjwoeFBYuX6onT9k0lQm13SiQJDEiQSpSKlNXmGr_wsusZRcp-7sj1nlQjKtBq6w_IfHf9OIhTzq5eJMAGcBdS6HGIh5uYkhMMUSy8J0i33Bd8CoXXDQ8wASWgPGL3ATgBAOIBYLvqpFOkAYBoAZNgAe55ODqA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOljLnI-Cy5mEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCJiNkILLmYQDFdwFVQgdIcwKcLATh6vMFtgTDYgUBtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB%26sig%3DAOD64_3kl0Rg46eg35IQwDI1ITmaLSFRUQ%26client%3Dca-pub-7724630844590044%26dbm_c%3DAKAmf-D9gcXDrSmbUftq7TBykm-40bMUoTN5MX3qcbm5OXXNhp75Ur2qeAxhG6GdbO8ghHuHD1yqU93DhGw2e9liI1KOuC126eiok9aziMQ5GnvulmN1n95G3a9W9UcJL1Kw7SSz28rvNvWu4neGQO7viPhm0TxaVOGVzlxucJE5i5mGg0xQNxU%26cry%3D1%26dbm_d%3DAKAmf-ABIZYCuvZu1qklGf_ktwfJ1Ic14u6JQ2lHR8AXfF2ru38xoDlOgEhsFiPybHA9GRq9SBsfYUSaUDNgkjEpL6VAaj1AhT3d77uB7hAkWwURfO51CG9VO_VZF6bKhgQiJV8A4Mfo-LYhnchAYEY73ZjxomFeYqpMe_lLR1rQcPl7ttXp1KN-munCrXfAFSVZjRFbW5Iw8H0KSLMYJ7wkfHvxNC3wLtPcQHdusVIBSLHk1RH3Z6_nJqUAb-fWh6t6X58vJCS-bC6Nyi8OihAMdCtoBKKnxUG76PwBXUivZE-hqmlxepnoSSe8DsPgEy_fNkc9S1kw1OXiydn203crIc2fNGQwObMilJFdMAegHPdCg57aWXt518LWedqrWDIOqzDJZzAFEvYZ4if5UMc93X1YqsPHQm3ZAQBThXq2k0l1H7ahPrh7qW16FCYQR3Wc1EpryfARFMhQ63VVnnF88ma2t3RBqDqdBpChTVg5f5vYKZWEHz-Z-aP1FPtQipZP26Ulvi4D6gU7ikw9jjoO2hUe35-SuKCNrAy4o1Qhk3wnABlOeDE%26adurl%3D&dv360_cmp_id=20974319490&dv360_li_id=1015590269&dv360_crv_id=467099859&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2F1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fhayat.ba%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=31bf784bea3283c38c8e_1707321181077&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fhayat.ba&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1707321181107
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 162.55.81.174 Friedberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.81.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 151abd13e8a8005205cff7523540a8c8cf0a85ca3bca60969a14a79314a35627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:01 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: adscsp1-1.sde10525
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1886 42 B
174 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRdlVH-ByRFkxM-hTOl4fMuCkOjRQiHLWFcrq3Cunrjcv5mAYwmv334DYjnbvljSw9_Z3g4-dBMxHyHVyRb286jl0B9qp0KSuT3x_zN-QLYGug_0jZszFHAtEePU0F_jK3tThV6WSY_i5h61jzIaYayW45-mnyLr3ibg&sai=AMfl-YQjlcOhdi7CFCIF0hh8kzi01T3oq7L6tf7sBjmBY8U2WImbq5EHBPqw8gaiEj0fkGKfYwwOr2KAulVuG-Qgr24TqlR1djsij65vvNqmackZZhjvav-__-Ax_bw81TEJKFl0SmJaznqerJzn2DG4&sig=Cg0ArKJSzBtjzuVb28T0EAE&cid=CAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB&id=lidar2&mcvt=1028&p=172,315,422,1285&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2820045679&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=325398000&rst=1707321177680&rpt=2482&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF3C 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvebTcjjdM86PHAijlYx0tI3i0EPCYlmjaWf188EJf2_7_aDJW7bMDyUH86BrfDU-9W5vX2NneHy-wwPrWX6gLWPxT-bZ5QV1w2wuu9vjgLkzedWlKPTv9mYjqDQq0YUbsuJ2Ij81fz4Q-tn_uYUNXAoLvZ9RkXDJVVuQ&sai=AMfl-YTDXd4KmbIXq0RtZM2Wy2okrcR2n4Kk851EOGYlz1YmA_HZ707g_elVFPDTDowX7PQfPTuZVs5kQU9sy8ns2GSrKZxIBZIAfcq3jfPK53qYrT3z9G6b3ybHhfYw0OnowByMv7KIx-Vw3zNmzBkT&sig=Cg0ArKJSzDNoKoBCo8-NEAE&cid=CAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB&id=lidar2&mcvt=1636&p=439,1559,479,1600&mtos=1636,1636,1636,1636,1636&tos=1636,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2152365933&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=325397900&rst=1707321177850&rpt=2097&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F949 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3h0U8x5-Ye_UzSJVKXJCex0WmW-bzn3M_eVzPnW9Umdmai-dCrhhu633kpkTyD6GV5sGXKkQs9EzGi6WHRdzIadMeqszdgBbN_S_W1G8jOmsMCFS8oYJeKGMHm_HhzI_zaL0ap0KDwQB3gEywNNv7t9QBU_8GrcjFYg&sai=AMfl-YRybYKFPimRiMkjh71XBWqN_kZBa5tEGwemSIf6C1J9NRTkJQJ5rhBfQExGEQtXxeU77AVyT99LlP5W3nmgrv5AcAn80cVJ-5PtY7VXNTiQzKsCeAjK-9hLn3CYDMOP8k1mmnQ559qntdLHc3CL&sig=Cg0ArKJSzF4ykPJv2QUhEAE&cid=CAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB&id=lidar2&mcvt=1638&p=439,119,479,160&mtos=1638,1638,1638,1638,1638&tos=1638,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2950936150&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=325397900&rst=1707321177762&rpt=2155&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 518D 170 KB
50 KB 156ms
39ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 6ffe3e06e87f10c9951b52db90f612780366c729ce623b70a95897818c8094b8

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
content-encoding: gzip
last-modified: Fri, 26 Jan 2024 18:05:26 GMT
server: ECS (frb/6738)
age: 403
etag: "65b3f466-2a821+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 51382
expires: Wed, 07 Feb 2024 16:03:02 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 518D 43 B
277 B 134ms
39ms Image
image/gif 168.119.2.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=da74e112a9c726a248582d7c0587a477&__adt=8240604171402400834&__ade=1&vid=5110424516480582595
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.2.148 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.2.119.168.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 518D 56 KB
15 KB 39ms
39ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:01 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (frb/6712)
age: 178
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Wed, 07 Feb 2024 16:03:01 GMT

GET
H3

200

B29255022.357498592;dc_pre=CNmf84TLmYQDFakFVQgd4AkKoA;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181134
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 518D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17073211...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CNmf84TLmYQDFakFVQgd4AkKoA;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_chil...

42 B
64 B

60ms
60ms

Image
image/gif

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CNmf84TLmYQDFakFVQgd4AkKoA;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181134

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357498592;dc_pre=CNmf84TLmYQDFakFVQgd4AkKoA;dc_trk_aid=548428617;dc_trk_cid=185782221;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181134
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 518D 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ED5 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBr1QWKfDZc_oN9yL1PIPoZirgAcAAAAAOAHgBAI&bg=!GhmlGVbNAAZh4eseQeE7ADQBe5WfOM4s1BbaT0MWYm6XuY2OMGxwOshZnRksrPRTckB-1_4UkAP94fMOZqKcLnhMugi_AgAAAWZSAAAAAmgBBwoAZCvTrZHcOuRZlg3obvcwPKYoct0pXjGxnWh2incnR8lwfqTdIdcHe3NdSfKz01visGWydZDXA5eF26jotjjeaVtZ8epRmzhiCl3g95Th9u4_bKYV97ZRTlK40Bb7ix8u3O1l3yGZAxKbT6_OZ9JbcXfT5d1QmYokjPzBA-cMIufwdql91Of_w8s-IhgZOG5tPiqWM3M7MeipHEJfjeQx_6jEo4IS0UHqmjPiZJAzrhTryouPhfSJQJNwczssCZNsRinSPyG9BqG5jqJhBDq2dlmgNG7P6WQ9GlEwnnWZ-E8gQKDChffpt2skNaXeWDW3YclkxM-p7tF3YLKB8-UsjUFQ9T3-kyWHOhv7u4B2VINb0Om9BECqMEjO-hPIHn48dGGXo4qEWD0ssZV9goThBlGYsAFZri5IO2TiCjy-fIBNz820KMp3t8Fhg2y487xtZ9vRvWoOHoYsmnREVJDoKtr8SMCOzGmFeyNCG9QAbRcO0-SlAe3yMA-rmSvZ7nXifhSiJdr8J4MvG2vj7cbkOnLDILiy_Q4XuyocVY9nM3NEe4YMeGX8-MhCnC7BTHLe0dbtHW9uQvhIWJIws3Rd9PUE2eMT32EVMCcgOXvNj62vvP4avPzmy0agwFeQ71MejeXl175RWsZLdLLK1bvvS-YnhWoaoizxi8Ou5K7H3v3XsfxxESw_vcG99dGC7WTsiIeUvXNKcox0pxESO6soekyBM05UNnHwkiCDLi4GeDPMMURrzKGeABburYAN6t45zu66EghkqbQogEHYAjXdgRMHkIbUlIxOckzTJU-rOyQ8W3S__YcumzS7ytYbCy2CuHUfD0BjIJisSJL-tTO41xstKiidBx9rBzqCkdJ5dtV85x5n76WEiG3PmeTsmxrDj52sZw6Yhh14jYMP1H-lNfHMZ5CHtkbMXvyHLjaSUeZ8PyyX_He1u2HOt5oFMb0YqN--r37IAnB4II-FovT1BEYJ4W3bVur4xi5aJwNUHMkNMPgTHJOrD5QnlqjfyHVCB5fU3ViS_CZd8cmOnPKSv56xDMKIcL2Ol4mqqoyGHZKUvqRn2DwsoY6_iAKj63b7jXWC-p-dQ45ojX74Ib0XjpVlpHL6nQaypFTbY6BfdAuhylG7cxhQ29zmVFqHy18EMjLhODNC30X4uPGKcInLg4lUpavOUPcPB_g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA4 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BpTt2WKfDZdDoN9yL1PIPoZirgAcAAAAAOAHgBAI&bg=!u7iluPfNAAZh4eseQeE7ADQBe5WfOF8-C7bnQn2HJ9tnl2GQY2feLuWMqQ_AdOH-48iYkQ78NCOTdz7khlfrh6XIIYQRAgAAAVxSAAAAA2gBB5kDDoncvaCu7pxp-zUXLk6FFpW0tsEQ5rbAysfm6ByUQi11N-4tC7jEvlMk12IDJovNiL7oXod3j53iguy8bnUfRP4TAunbkLr2y-caaE-MgN-epyeLcVa9N0T8Tdm3pSG-f1YWJUlw8GH_6UaHkQOtj84MbutogkjAThgHD5Xu_TqW2UrJf_3V__9t26U6ffWR00L1WOY4-6s1spfznYWSwggKcLsoJlR70rZAMipk4A-OphdDXYYMJ0DHfoPayP8PScJaCwy01QSh1u5FF8rvTida5-QwVytYAuJoyra1vUDxP7bWEsipek-1jEdj68Vb4KCLxY1lD9gQy7zNUMAKczy9y3JYN1YZG9opfQPQZrIDrS6ERKRVh10LKlcRXn0du-cXHjxXx4k9ApqpBXYzuiKTsVK4X8GcVCcdLEilL-WF8kUSiuXvD18a15eJGtKEzaeOebVgPplafqK9wFYG_7bmKl9vHvnapfVD0TeczFMZ-KOWVWaS9qDUC9BomKBDbBeeTYgAPrS2OBEEa0gubDkBTA8p99diAEC0_rx0eo0wjT7cjjOOr4J56-LUTFdbXsXt1khBIgho5IMlnNCMmSLikF3WsBgmcqtkHXGR8QsGEGKhCN4b9BtpjVJWVzoeDU27lvdppNIquGNMsK_YVXj2z5UqndLnidszPy6A_ESo-gK6IIs361iOchC6JW30_pgztpRqGst0DIxDHRo2dGmurdun4PDqSHQCP1VnxPv_p3D32SIAAy2inHSH20z9gU5MeCT5RktzUkjL0fqe4btaOjEzEaAIzJobyxKyLz7BRvnYYewhzhlAk-9y23b9M2xb1BMcNdkDmQ5NtoaLq_hibKXIdAVtYCEY9kvWhMIphNcmed8JQ6cpdJtBS353jVziBlVRKpU7smMPlHxFCHvwXNNoqPYhpqiCYWm1-3skaLMBXKlTVWo36YZvTn5wGhBkMtjFNjh9SDZoEgVQ7iqfrEnJvQlAil4Nmogzv_79Hmq5hobMJVEFq0BVG_mtf-CRj8ZsKCpx3E9ePjC6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame B1DA 170 KB
50 KB 41ms
39ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 6ffe3e06e87f10c9951b52db90f612780366c729ce623b70a95897818c8094b8

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
content-encoding: gzip
last-modified: Fri, 26 Jan 2024 18:05:26 GMT
server: ECS (frb/674D)
age: 402
etag: "65b3f466-2a821+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 51382
expires: Wed, 07 Feb 2024 16:03:02 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame B1DA 43 B
276 B 41ms
40ms Image
image/gif 168.119.2.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=64540b13802884ec399165a1c3779232&__adt=8240603807930805895&__ade=1&vid=5110204614155027404
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.2.148 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.2.119.168.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame B1DA 56 KB
15 KB 39ms
39ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (frb/67F2)
age: 174
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Wed, 07 Feb 2024 16:03:02 GMT

GET
H3

200

B29255022.357506022;dc_pre=CMqR9YTLmYQDFUf0EQgd1TgONQ;dc_trk_aid=548519608;dc_trk_cid=185782224;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181143
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame B1DA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506022;dc_trk_aid=548519608;dc_trk_cid=185782224;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17073211...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506022;dc_pre=CMqR9YTLmYQDFUf0EQgd1TgONQ;dc_trk_aid=548519608;dc_trk_cid=185782224;dc_lat=;dc_rdid=;tag_for_chil...

42 B
64 B

63ms
63ms

Image
image/gif

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506022;dc_pre=CMqR9YTLmYQDFUf0EQgd1TgONQ;dc_trk_aid=548519608;dc_trk_cid=185782224;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181143

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506022;dc_pre=CMqR9YTLmYQDFUf0EQgd1TgONQ;dc_trk_aid=548519608;dc_trk_cid=185782224;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1707321181143
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 518D 470 KB
470 KB 40ms
40ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 63683
x-amz-request-id: PAK69QZM0H9V2A8Y
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: XgyiTy/W/L/KvE/aOSyeCxdZE7kWEUUWmfiIzj906FyYY9OCLByg95kP4cQPVhZDyAhDL2ckl3s=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A4D 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_iATWKfDZdToN9yL1PIPoZirgAcAAAAAOAHgBAI&bg=!AAOlA0zNAAZh4eseQeE7ADQBe5WfOIZtNp81A3U5HtgTlZ5paA_9vaXOH_fxoEHFzDUn16Y94MadDCjLs7SolE-VE_IsAgAAA65SAAAAA2gBB5kDB3OYeNwJIwPx5uheBzwJw8wV90KO-3OwaCgW1VU-JofihAKH7OYwTW-xL_6nPqUNq43F8tKcOJxQUk3OioqHRQpGwSZqWlBrCdP4Ll70ypP5ToPyacnZ9QE0TeIDMjiOCrFA_MPDkfYDQfPSglSc8NgoZ9ShPmlap4UBAfhnBDyuLAj4tMZVdn19lWZK5dDOj9OKM9LpUUCswfp7HMh8uEM1nOzf1A_YtHTItNyxW70_qk5s3B6W0sU5xBCey22qenXo0mUYrmx9S0-Dcj78wqhhEIH6r70ipBTrSOn2k8JVI112QNCDmmW9Bz5Hh_wvoZiDB_EE3VSMAdF_Cgq4QpCztbBEnqTFXIehA5grbQWgo_8-5G72aPnj7qadow-uGFEPmF_UAIZR0MQrwgFy0uv8Vh9u3mQsFibLy1QFZ2uT7SLOMNROFd45CuFxLvTTLDCKkFaMzZMg_QUzaEUKbRoFVFtpdTr3Q6VcQ1Zm0tckVo2yUIQtQWY61NDmgQHZAg16XLxEoWIZDSzHT7zMFMzhK4to_9UF7Y7oHOhNIY1vHNEceiyhu6WWvVKL7wxMX-Mm5zGl5oRzcSOxzvUVieotHSUx_6T9UVgfqCbApO-Y7fltvXCKab-x-QFZ8n4N3ZbEUVV99xwtncssEhTTeE8jJSU3gTf25A4cnk3bx4xHXf6BHYWXzA87JCcJZQt_f1OQ7F-TKlAWpIfhMChLnAxu24gIbIMlhfHi8ju1ixYrOW2HLwydr6REccLHGtJJNYddC5MGWgH8LUkTgTSMNRWyWngM9eR77-qjMwK6o3YIrDmDNA-rI6wC-nF1Pf6A5WieNzGHA_dSfm0ZUbLIJtqTS0bjv-_5cD2_FXGZEtFNK0Ap--v4gV4Yx-zOtglXE439_wlgb2jvCO2GhhUGUHFSFp96JJBWZRl_swOW8DG0LB1iD_LtZPKeZsVmmFqfV_HYFwwvXlyWhrYIKkTxARTvMcRwY6e3B0me-7IxM-tfxftZT6XTGF0RBk6wj1--IaST5gWuC9g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F3A5 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbLa7WqfDZbHBJaCyx_AP8fOJmAwAAAAAOAHgBAI&bg=!oaKlou3NAAZh4eseQeE7ADQBe5WfOMup3XyZQRY6XfhQ6r4RCvVLL8-pfWeIwcgqBGo3n9ejkMzOy1YgKOPLEl7HUIfIAgAAA6tSAAAAA2gBB5kDEs8tt2WorPXx4_08dvAhSFcltbTARzZG4zAEev8MqEYiGYPTp2EdfFgdaZ2zfTvk9fhHgWw6Oe2HhdT9vIOGXxPYX2G_plD4r2jSX68kBJ_uxfHioAFMs9hQQ9WTyapPf9gGMiH2h6mXiRaI7pMbNz0J6FgXhpZn-Dov8Y1IY2F_w9XECb5x5H_3WkBBdiTbpdn3Pk48QtkES-p74qo3JFDt4qxIRxVb5T309Pl063WiEYqOsw4ljHoK050dKQTjQW51xkdimZkf_O9zORaAcqLrO5gUh_fiSWAIZHiGf7GuSj0QJeQKc5gCDccLOHVzyWXYwCPe6goiQuyX6lIJj5nen1phefjLZfF7gMyMsGXFYIYDyqvnJfCrVLVxS3mKJI2vQGtZLuMFMgxhxgt5wkoaO8kpzb2HRILSAVVEDs2gGiSUnH1t9ihUL80z5owFaJhAzsm80fSzgsModd3SKaClATY-jPDj4lWi77bnpAhTMz6RhvtmnLZ8lDasE_AZ8rwTNlYl4HMfpiiaaCUAajJoVgskFzR14yOXVNXZug6q8FTOEjwfTbB7MXWb9UdjNJT4TeElFuM47LWMlH_5q4lUDIMz9tgJePPVqRbzC-qCTzUR964iZAyqENghptdO_Ge_XurArxj-MJi-m_-fKLoL72lHm9emPgC_xYdXCkzoN21rnjXdyGXUG9Ju6yHe9UUvKTIsQ6V1Eg0qW5yZuxre9KFknd9VEdebxzvpLeF8dd9Mhb0-LAbcGZcdUi2C-K-weQpN5BhBU2GKWwKIbd00h6P8uj-RTuTNwsH71_f9--MZcbUQ7YmCDGgfwWpMJ-XZjamck2sE73JJbNZilXprZQnL72vgH_gauFb6ALvI1U8KJ-6J9l9Doq1APmifbc9bhPyaOV9VySCN159EBO3mjl3Zot3vjU6ST-HZrtvvReGbPzjwOecC4QkVJ5Q6KuO3hDei6tN42cd4O8GvX2hglTgKVqwaaqq4Rgj8O1zmpX2h0ZGtsccefc2c_EgabZuRu3CxJ9gfQHKwLj4xCI-SsQ

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F97 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bg4P4W6fDZeGgFqWF9u8P0Muy6A4AAAAAOAHgBAI&bg=!CQqlCkXNAAZh4eseQeE7ADQBe5WfOKdGhVtm-e-plBUBxtAMb2NcxPQw-Rgw4YvNe-FpUTv0cs4ZgWfvKb7PN1m1TdEyAgAAA6JSAAAAAmgBBwoAGqIGtCddZgtN-o-Z9ifXQDan7o8lH7t1FPsPmQMM6EegIBZ7j274i6KJJRZA8MZVDgATE4fIQLQridITHSHvlG5opdbdON7hd__CSpyWrFjjSB3fFkvRFyg0C1wE6mz2g6prTk6fyXmyJuJ1MEO1vN3Bnzo1tFE3NVXy7kVKodLarHJQplpXml-uW0kINmdU2RRCEUzfyelYHqovTBJK16KsX1LkRw0vXyrjdYz-vpIJrFSS3Oyiq4UjHF08z_NXD7B5zlXRvDuGQ_Sfe_3ZkbTN6DR9fWfRtQEn4qP722wx9PtqEP6kTEvNxUrOkDG1P7jgRhl494kL6PJbx4IJJYfsPeBe8HcTfplsh5GVlCc4vPCkj2MlxjrGK_oyHnxTsnrnnoxKaNbDDIlgZ75tvOYWRGIjCv7bZO6rF5hVZyz6UBy9fVnJcOeRD9CmSAWZwe5FDIjXPLBiQ92v95JGfqkVm_m-ItJJdoJW3QYZdNB_M5rxobQC7iVbG2Xiam8XrboJmdArFhwBYkYsqc-IuQyTIz6Q_sSO4noXKeYoW_XC4g5rhKEq2YjxFS6Hx0tPZ3Uv1_i-zvF-ROVnPBmECKULSCXLh-hGCv2NiyCL6G3jhRO-WGTS2iyXUKqkzkIfPUTY58AylYTV09ElBstpMFwz1uOJALO_sLPBY1AzmSHkWOps7NTYWhG4HPF02c7DXB2xIOHDF-xLAOYwLI0bqmb7lnwI5h9NVLSTSf0yYh0baARUnKigy_uhAddzS7R65wAfsvu3suNVWsqGZB4naehJG-mDEEfsw2J4qirXZqH3GD-CJyYvH8vnwMcPeWWbgL-IQeLh0l3cGfSVxPWT2R0v3J34kpJQJZDfcozwLqWU702YMOzbOZ9_3EGuzr3aFJ975B1Abl7aEdzqUr9U8Kg8uu829HTuIzwFKGjrNT4-gRRjuyYj0YGMU2l1q55bkCacnoPZ6kxYXMcmC2INlPNSfULQHxSPftg7gG0zgzMqGM8Et3rYqqrdOVOXGb4aL-Hu5MZA2xAwkvg4sNjpdIBHFXZp7duO5C1a03CBJ3PFWcRCBQuw8sK6

Requested by

Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B1DA 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402010101&jk=2104438410499588&bg=!tbaltvnNAAZh4eseQeE7ADQBe5WfOA-KXJwX0xk8WSlZFV_Oc2vAEPbYYFLzC8BTNZyNFlNx3sQsxUQTvhIXmP7HaOrcAgAAAX9SAAAAA2gBBwoAqFXzBhROTARacfU7ZZI7uw0JUart4sMefKmCr-idYLb-TeZUZHRLpWcGRgHZE5_2D-1xMZ_r6fQbIxXIdRPx1EhQvKsSbL8dKkFBvDt9rb-mMrY6tUW67eDc0caQHJmgOjYsFM688spfrUz--oCIofAF0uoSApgPDrq7SJPkD4bNctSAjqAQzl_vpyTrp-a3drLIDuXsC5hKf6rTRkx403ZCeRPwWxyDe5kCyn9saE4nFh5LjjOuqobsV-gDcBN9DN6W3N-uzjXF4Zuh5J2SG1RHzxk2z_9niFpLf9aRct5clixom9tXOI05OPHGrVR22j1lsJHVq2zHBtlqBvTutzspKZ3wmHu2VfUlDJ9GQR4AeIVijRWqXmVtsBumfzyt83EybRycJuwvgpjgZHWtsFWH9Kd7HnaTEjASTHwcORjGEbH5p5l-mSphZyX39eLoANrwgCTqO8QiTyjOfqghiB4N6ConmEMw3gFlpYNZu4eCF9zeqd0gdsPE4vEu8P2hpEiVOhhz99mzB4HPrxWuCoyXAdIYvSsDrlwbx6b398vfKXDTL4AYg9bHiAlK6RUWt3gvwnanesBKBGtL_auMT-cqQFL0ALktN2mtqkMByEBrvzwWGSOvwBuIWBSCiZHYMCR6x-lOBYa9RCiRdpS0xtccRr1eWUySL6B7ZqjyGUnSdV2c7m_btx6pw5lx7jipdpBFvq2IK_7XB99M5oKf5vFYJDM4uqP_KvkPxEPfuI0x5GoJsYsLqnrvDh-TTcDV40Cxmv7yBDMObnIgnZkpEEp5I8i8DRl5FOhFcmPvL0PhrsJwTRrbLLmmWqQaY75k3Yt17mxcYTGKuH21dpysJTK3XRytPbuN0guqGNMhrQM1yNp2gMrTW84QChoBdQloWZWxoHqxmO4-qcCfc0VKRKRTZc0tmVWHPxq1Hn_i5qAyaE2siuQpGyxsSJOlsNBhIBN5_V__m5PO9QKWbfHpOaUn6xpRoPAcX1XAaZls-hZQtQx5qvj6N7UToQYuHLx1Bd5__vEGT7ktFmbvi4TJlcEtIxYQWysz_V2ts28YRAFCOHWtiRiTf1zRP1Il2o7TQEXzKucdq86ZyBW8fM55BGkRMzVbc33JwTiqUl35ZwG9l5euNHXq9LVp8ZBcDiMKAamNtPFS-ivCfXFmjNZCOzdf9z9k6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hayat.ba/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame B1DA 33 KB
33 KB 140ms
140ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 201
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Wed, 07 Feb 2024 16:03:02 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame B1DA 286 B
563 B 39ms
39ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 66013
x-amz-request-id: 843CSRV1WRE85YRR
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: eIFgsZ8KxmOjHvk7cT9wURRhqaU3th5rSxtv5Mw3SQVRenZ0uC7Z0buPFV6TkntMaTHBbgRSAV0=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame B1DA 470 KB
470 KB 139ms
138ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 63683
x-amz-request-id: PAK69QZM0H9V2A8Y
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: XgyiTy/W/L/KvE/aOSyeCxdZE7kWEUUWmfiIzj906FyYY9OCLByg95kP4cQPVhZDyAhDL2ckl3s=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 518D 33 KB
33 KB 123ms
122ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 201
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Wed, 07 Feb 2024 16:03:02 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 518D 13 KB
13 KB 123ms
122ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 79277
x-amz-request-id: ZPCES87YXN3HG1NC
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: YlKla3ADEU04QG7xWRinVsDd27dnsW4u0H0l93r0s8Dvbzs2QnbkszJxPG2bbYu0xxL4LfSDGpU=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 518D 286 B
316 B 41ms
40ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 66013
x-amz-request-id: 843CSRV1WRE85YRR
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: eIFgsZ8KxmOjHvk7cT9wURRhqaU3th5rSxtv5Mw3SQVRenZ0uC7Z0buPFV6TkntMaTHBbgRSAV0=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 518D 470 KB
470 KB 236ms
236ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 63683
x-amz-request-id: PAK69QZM0H9V2A8Y
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: XgyiTy/W/L/KvE/aOSyeCxdZE7kWEUUWmfiIzj906FyYY9OCLByg95kP4cQPVhZDyAhDL2ckl3s=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame B1DA 13 KB
13 KB 173ms
173ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 79277
x-amz-request-id: ZPCES87YXN3HG1NC
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: YlKla3ADEU04QG7xWRinVsDd27dnsW4u0H0l93r0s8Dvbzs2QnbkszJxPG2bbYu0xxL4LfSDGpU=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame B1DA 470 KB
470 KB 173ms
173ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
Origin: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 63683
x-amz-request-id: PAK69QZM0H9V2A8Y
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: XgyiTy/W/L/KvE/aOSyeCxdZE7kWEUUWmfiIzj906FyYY9OCLByg95kP4cQPVhZDyAhDL2ckl3s=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:02 GMT

GET
H2 200 2080316420_a813ceafe06045868a84451983223755.jpeg
cdn.revjet.com/s3/csp/1706578782610/ Frame B1DA 116 KB
117 KB 41ms
40ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1706578782610/2080316420_a813ceafe06045868a84451983223755.jpeg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: fa7eb16497b7b9eb5b2a3e6687e269ba7a645b4c3a44a48fe050f6ae4de3e5c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:02 GMT
x-amz-version-id: UviVpkBu_hvOKmmmiaZN08WU6ECOp9Ed
age: 83985
x-amz-request-id: Q6Q4QPPDJZ12XFGX
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 119155
x-amz-id-2: sY38R+xc+fPAzG6P+Y4EjmLy4B0OYuz9TUItS/cG0huSsjUAzMeVP7clCAZ/LJxny55bh2nKaGE=
last-modified: Tue, 30 Jan 2024 01:39:45 GMT
server: ECS (frb/67E0)
etag: "70de85bf068e7433652ba85f7a150721"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:02 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9K00VWKFLJ&gtm=45je4250v896637492za200&_p=1707321175638&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=58662235.1707321176&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1707321176&sct=1&seg=0&dl=https%3A%2F%2Fhayat.ba%2F&dt=Hayat.ba&_s=2&tfd=11290
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9K00VWKFLJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hayat.ba/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hayat.ba
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 518D 43 B
276 B 40ms
39ms Image
image/gif 168.119.2.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=da74e112a9c726a248582d7c0587a477&__adt=8240604171402400834&__ade=1&vid=5110424516480582595&__clstampdif=1514&__stamp=1707321183407
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.2.148 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.2.119.168.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 15:53:03 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST node.php
node.setupad.com/node/ 0
0

GET
H2 200 613590468_d8c584d888234f0bad6431b34411479f.jpeg
cdn.revjet.com/s3/csp/1706578319327/ Frame 518D 52 KB
53 KB 41ms
40ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1706578319327/613590468_d8c584d888234f0bad6431b34411479f.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: b6c04e274736c05543d6a0d31bbf124a4c425bb46624cb7e1c63b0f2a30f4991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:03 GMT
x-amz-version-id: HWLmPFDENxrA7x5iqKBbIZzeGPo1gDP4
age: 25883
x-amz-request-id: 17FHHHW0CPNJ0MP2
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 53652
x-amz-id-2: WY+gC6rsLYF5BeLOME1lQqbvoF2ex2uB4L99en0ZK3fpa/yjdKNRUjXkfxeWwmwfhIyptZETDSI=
last-modified: Tue, 30 Jan 2024 01:32:00 GMT
server: ECS (frb/675D)
etag: "0de23b00c2d3af9e6f9f2c2b24673292"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 08 Feb 2024 15:53:03 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 518D 3 KB
2 KB 40ms
39ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:03 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 60977
x-amz-request-id: 31VZCNDNCNR2GS5X
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: h6lG+ulVB7k0ExaCD2EUNtxHpTgnUT+UzlQiLor4tf8ggqusf3YmPsqNXzbRiSwsHnHt1fXqhmc=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:03 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 518D 632 B
628 B 41ms
41ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:03 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 65959
x-amz-request-id: FAQS7J4EZBE1J3AT
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: OQ1vy2+DjJXbN3hGDETNPB6N5p5qwV3cPbCHoiyX8/CKJYzOAO1ekKblRCRvd0rolgyqXtDLoJw=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:03 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 518D 7 KB
4 KB 41ms
40ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:03 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 63718
x-amz-request-id: G31G2KYZRPHR0V3H
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: jl2ODf7h82JTllnk6fP86oVEKdI17351GjlZF27Q88N/fo1owBo5KZSB7U9rqEQp3LFwVt/mcb0=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:03 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame B1DA 43 B
276 B 39ms
39ms Image
image/gif 168.119.2.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=64540b13802884ec399165a1c3779232&__adt=8240603807930805895&__ade=1&vid=5110204614155027404&__clstampdif=850&__stamp=1707321183508
Requested by: Host: 1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
URL: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.2.148 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.2.119.168.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 15:53:03 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST node.php
node.setupad.com/node/ 0
0

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame B1DA 3 KB
2 KB 40ms
40ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:03 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 60977
x-amz-request-id: 31VZCNDNCNR2GS5X
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: h6lG+ulVB7k0ExaCD2EUNtxHpTgnUT+UzlQiLor4tf8ggqusf3YmPsqNXzbRiSwsHnHt1fXqhmc=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:03 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame B1DA 632 B
506 B 41ms
41ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:03 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 65959
x-amz-request-id: FAQS7J4EZBE1J3AT
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: OQ1vy2+DjJXbN3hGDETNPB6N5p5qwV3cPbCHoiyX8/CKJYzOAO1ekKblRCRvd0rolgyqXtDLoJw=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:03 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame B1DA 7 KB
4 KB 41ms
41ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:53:03 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 63718
x-amz-request-id: G31G2KYZRPHR0V3H
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: jl2ODf7h82JTllnk6fP86oVEKdI17351GjlZF27Q88N/fo1owBo5KZSB7U9rqEQp3LFwVt/mcb0=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 08 Feb 2024 15:53:03 GMT

GET
H2 200 a8e92ce7edaf4cc7b43420af31759f64.jpg
img01.ztat.net/article/spp-media-p1/32dcbab5d8764d02ba4aca194bbc5e1d/ Frame B1DA 7 KB
7 KB 155ms
45ms Image
image/webp 2600:9000:206f:2200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/32dcbab5d8764d02ba4aca194bbc5e1d/a8e92ce7edaf4cc7b43420af31759f64.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9ead4d480831847b3c4fb6e7e37659c7e1f400f5f4a17a1819c9a680d645536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:15:04 GMT
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
age: 578281
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6716
x-amz-expiration: expiry-date="Fri, 26 Apr 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Tue, 16 Jan 2024 14:58:05 GMT
server: AmazonS3
etag: "830de8028ebab63e169b0a1c054ddb87"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gJ7kdu9ynyEPpnXOSZLA4Aj4FdMxiYpS0rILoDA9phXTnmgROv11lg==

GET
H2 200 c5becf58a1fe43d0a9a45bdfe131f25d.jpg
img01.ztat.net/article/spp-media-p1/ff4d571cf95e48b2bb81ee8edb91b610/ Frame B1DA 6 KB
7 KB 157ms
47ms Image
image/webp 2600:9000:206f:2200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/ff4d571cf95e48b2bb81ee8edb91b610/c5becf58a1fe43d0a9a45bdfe131f25d.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 08530b7c086db144ba5df7c2bc3c994506ef7a13a34502f533f0389e59c94bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 00:28:16 GMT
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
server: Skipper
age: 573888
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: s5Ig2unKORbI-vu_gaZLPUuJbTqs_BhpcEfPADLK5ORiolF5m1RO_Q==

GET
H2 200 21727c70b217455db0a370963c496795.jpg
img01.ztat.net/article/spp-media-p1/e0abe4ba9f9b4871841c9f71f4f88a35/ Frame B1DA 5 KB
6 KB 151ms
42ms Image
image/webp 2600:9000:206f:2200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/e0abe4ba9f9b4871841c9f71f4f88a35/21727c70b217455db0a370963c496795.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4f8b1820e6f5fb883cb545b67148e5ef435dd61b259bdfdef8a279bfd627c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 03:20:41 GMT
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
age: 1341144
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5396
x-amz-expiration: expiry-date="Sun, 21 Apr 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Thu, 11 Jan 2024 16:49:50 GMT
server: AmazonS3
etag: "7587a9bcf8fc61d935e7f4d067d6f271"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: thfvvaAIGn7Lub_mBbyfF5qPT1QkRU_JPf_rgCRuWNrQ3GogcBjp4w==

GET
H2 200 0b3c1f62053c4f29ba62ace677df9b47.jpg
img01.ztat.net/article/spp-media-p1/3d06186c1f0d48dcadbc1266b8e62e5e/ Frame B1DA 10 KB
10 KB 162ms
53ms Image
image/webp 2600:9000:206f:2200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/3d06186c1f0d48dcadbc1266b8e62e5e/0b3c1f62053c4f29ba62ace677df9b47.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Skipper /
Resource Hash: 7373163162f271ff9b5a013d8e7c3ca9763ce80b69dc839493171e1ebdd9f6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 23:46:42 GMT
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
server: Skipper
age: 576382
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _YzO-Q2N3ZduqbqaeG_3DiwHJdt07R890kBkR6FL8V8AqZjjRrUeuA==

POST
H2 200 900
pix.revjet.com/interaction/ Frame B1DA 43 B
169 B 39ms
38ms Ping
image/gif 168.119.2.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/interaction/900?__ads=64540b13802884ec399165a1c3779232&vid=5110204614155027404&__adt=8240603807930805895&__ade=1&latent=0&vis_type=8&__stamp=1707321183930
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.2.148 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.2.119.168.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 15:53:03 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04EE 0
20 B 201ms
201ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=609201988446&version=m202401290101&ct=77&x=1&cor=12689780799825600000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 900
pix.revjet.com/interaction/ Frame 518D 43 B
276 B 149ms
149ms Ping
image/gif 168.119.2.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/interaction/900?__ads=da74e112a9c726a248582d7c0587a477&vid=5110424516480582595&__adt=8240604171402400834&__ade=1&latent=0&vis_type=8&__stamp=1707321184434
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.2.148 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.2.119.168.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 15:53:04 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 04EE 42 B
64 B 175ms
174ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1oWyHXWddmXa4UbwZXHc_SgEykkJ7lwYAyZxfCFxjnQgJeQcb4xWuuqjvNMOzgjAQRCf7u1vTpZ_4NrzyWruDMxtqIZj6L47NUr-Pedaf0WlMqokkhXk8dwHH-yHYAalikBOM9uAcg6xADrhfU2K84qbwxDOir7h1Fw&sai=AMfl-YS72VAB_06ptpkWJyTu5dzjJBlzeORTy_4ScMbrhsjc7Sk7mnpsPH4snxGck_-E0Qg_ywZErO2FFDK0MaFASBDR8mUfrm6qVbY89D5nC0a194wLQC9vXj7t1r6XRI4plB47P8Lk_AGzXWQ_oO3A&sig=Cg0ArKJSzGdzK9hy8pGMEAE&cid=CAQSTgAvHhf_GRv-mbR6W86E56z6fxCs3Vui6IXjYQ3OXJ6W7LXC2imZQuSQ6efYCI9Y3Wd6MXEmvyZBc8D3z9n4ZPs33pGpryUvv-eLvL2gMRgB&id=lidar2&mcvt=1017&p=7477,0,7567,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=713594834&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=325398000&rst=1707321177642&rpt=2383&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-904ac2d-53355591.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1886 0
20 B 103ms
102ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7599069681710&version=m202401290101&ct=77&x=1&cor=15051853957637554000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 15:53:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: node.setupad.com
URL: https://node.setupad.com/node/node.php

Domain: node.setupad.com
URL: https://node.setupad.com/node/node.php

Domain: node.setupad.com
URL: https://node.setupad.com/node/node.php

Domain: node.setupad.com
URL: https://node.setupad.com/node/node.php

Domain: node.setupad.com
URL: https://node.setupad.com/node/node.php

Verdicts & Comments Add Verdict or Comment

484 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hayat.ba/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.hayat.ba/	1970-01-21 03:51:21	Name: _ga Value: GA1.1.58662235.1707321176
hayat.ba/	1970-01-20 18:15:22	Name: stpdOrigin Value: {"origin":"direct"}
hayat.ba/	1970-01-20 18:58:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adnxs.com/	1970-01-21 03:51:21	Name: receive-cookie-deprecation Value: 1
prebid.a-mo.net/	1970-01-20 18:15:21	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 03:00:57	Name: __amc Value: 1_1707321176_1707321176
.criteo.com/	1970-01-21 03:36:57	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 03:36:57	Name: uid Value: 6052f942-fb46-41ac-b0d6-5df82d50879a
.rubiconproject.com/	1970-01-21 03:00:57	Name: khaos Value: LSBYY2Y9-U-59CY
.rubiconproject.com/	1970-01-21 03:00:57	Name: audit Value: 1\|naVuGyos1qoCpYCuZh0R3ANb0fGVcfL/XWaA1sYWTLHiXIXbtn90w24PQnJxqhQ/IlPXhGHktjVIHHY/eKfzM4XkPdjTHC1fIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.openx.net/	1970-01-21 03:00:57	Name: i Value: 2cde38d2-d965-4f8a-9610-37efd11d75e9\|1707321176
.hayat.ba/	1970-01-21 03:36:57	Name: __gads Value: ID=2be3e8c578a2b3a8:T=1707321176:RT=1707321176:S=ALNI_MYYaiArz64sUX3xxT25dgXW0MvI9Q
.hayat.ba/	1970-01-21 03:36:57	Name: __gpi Value: UID=00000d5306bd07de:T=1707321176:RT=1707321176:S=ALNI_MY2PaEIzU5W8-qmjzI_39St-rhe6A
.hayat.ba/	1970-01-20 22:34:33	Name: __eoi Value: ID=16e6ca71e7e06620:T=1707321176:RT=1707321176:S=AA-AfjYGTmWBESyxc7S3todkyumw
.hayat.ba/	1970-01-21 03:51:21	Name: _ga_9K00VWKFLJ Value: GS1.1.1707321176.1.0.1707321178.58.0.0
.hayat.ba/	1970-01-21 03:36:57	Name: cto_bundle Value: EA5w919QWVNjJTJGMTJJRVVKMSUyRkhFJTJGempYdE1HWCUyRlYlMkZibmElMkJ0dFhua2pPVEF4ZjIwQUlnTk8lMkZhSlQwWFU3Q1V2TEdpSnJwZVF0aVRqOFlWTmdZbW9HcjdIJTJCUEJFYXJVbzlQekt6Q0pWYlFxaVQ4NFJ3TUh3Q2d6Z2RPU3dWc3hvNXJrcHBTdlZPa0IwNjVadWRZSVVVV3FYcXBnJTNEJTNE
.doubleclick.net/	1970-01-21 03:36:57	Name: IDE Value: AHWqTUkk-h2RbdQY-XD7-FHlNknGy-MHbcYPqp4H5HF1J9Pf1IN5DDH2AxHUyVmX
.doubleclick.net/	1970-01-20 22:34:33	Name: APC Value: AfxxVi75GvJ1iJxfkoaeIMM-U8upcD0yDQUVu30JW7YqQk4qOxsX5g
.doubleclick.net/	1970-01-20 22:34:33	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:00:57	Name: CMID Value: ZcOnW98r43C.eq8u.1.tiQAA
.casalemedia.com/	1970-01-20 20:24:57	Name: CMPS Value: 3334
.casalemedia.com/	1970-01-20 20:24:57	Name: CMPRO Value: 3334
.adnxs.com/	1970-01-20 20:24:57	Name: XANDR_PANID Value: kBtxRIFXI1h2Kf5Ez3r3yxrhAjiaHuz4MytQ1ywc5IKiuY8PLQB4ihAu_X81CVw3XTi_FLCTZSog2z7uKXzPbC4NibBN9dsPAXy-FgXUZF8.
.adnxs.com/	1970-01-20 20:24:57	Name: uuid2 Value: 3256999160796173201
.doubleclick.net/	1970-01-20 18:58:33	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 20:24:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU'rgFqi!]tb)8i_iqf!oN/@E'zz<*Z0Q@x.+_<=fl/Yn`0Bst2:4%AmzhR0)Z7pTIh:<QG=%9sk@3@'s>T/Kq6q
.doubleclick.net/	1970-01-20 18:15:24	Name: DSID Value: NO_DATA
.revjet.com/	1970-01-20 18:16:47	Name: ads Value: 64540b13802884ec399165a1c3779232
.revjet.com/	1970-01-21 03:51:21	Name: trx Value: 5110424516480582595

302 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s0.2mdn.net/sadbundle/5166569052526308556/index.html?ev=01_250 Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://hayat.ba/ Message: Access to XMLHttpRequest at 'https://node.setupad.com/node/node.php' from origin 'https://hayat.ba' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://node.setupad.com/node/node.php Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hayat.ba/ Message: Access to XMLHttpRequest at 'https://node.setupad.com/node/node.php' from origin 'https://hayat.ba' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://node.setupad.com/node/node.php Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hayat.ba/ Message: Access to XMLHttpRequest at 'https://node.setupad.com/node/node.php' from origin 'https://hayat.ba' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://node.setupad.com/node/node.php Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://hayat.ba/ Message: Access to XMLHttpRequest at 'https://node.setupad.com/node/node.php' from origin 'https://hayat.ba' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://node.setupad.com/node/node.php Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://hayat.ba/ Message: Access to XMLHttpRequest at 'https://node.setupad.com/node/node.php' from origin 'https://hayat.ba' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://node.setupad.com/node/node.php Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://hayat.ba/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1129b937dd59916fdee80e106c6d1bfc.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
aax.amazon-adsystem.com
ad.doubleclick.net
ads.pubmatic.com
ads.revjet.com
adx.adform.net
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.revjet.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hayat.ba
hbopenbid.pubmatic.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
img01.ztat.net
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pix.revjet.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
region1.analytics.google.com
rtb.openx.net
s0.2mdn.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
setupad-d.openx.net
ssbsync-global.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
stpd.cloud
tagan.adlightning.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
node.setupad.com
104.18.36.155
104.26.8.178
13.248.245.213
13.32.110.114
142.250.186.102
142.250.186.66
147.75.84.158
162.19.138.118
162.19.138.82
162.55.81.174
168.119.2.148
172.64.152.89
178.23.184.42
178.250.1.8
18.245.47.29
18.66.147.69
184.30.21.51
184.30.211.26
184.30.22.30
185.184.8.90
185.64.189.112
185.64.190.78
185.86.138.32
185.89.210.82
192.229.233.6
2001:4860:4802:34::36
23.35.236.201
2600:9000:206f:2200:15:157b:ff80:93a1
2602:803:c003:200::43
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700::6810:5614
2606:4700::6812:1f31
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::9b
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:20::2100
2a0c:5c87:5241::2
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.156.69.117
35.227.252.103
37.157.4.29
37.157.5.132
52.222.168.86
63.34.44.38
69.173.144.139
89.149.192.245
99.86.4.30
0016e81c084362ca54189c706b9023b74e9a50249f6b36b7c731af295fd81795
007ea04e93f84b11ac53c81e4d682a1f80a248eb69ae358a65646be274b93695
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
014fb7dee5535bdf14139fe965136584184aed742b114aef597df46125520177
02feedcd4283d7430bbd65d29028bfde8b1e0a043077898249f44795c1199fd8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0536d3be6f4c21ddf0d13d2693fc2fcfecff0992de7f5a70fec81f02cf3add4e
06669b8542992d34be3628972c63e1c2793d4062baaa22b55e46acdfec604942
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08530b7c086db144ba5df7c2bc3c994506ef7a13a34502f533f0389e59c94bbf
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0948f56be6e9a79002506e518c06c54e61511886fe54f4eb29567f280a204591
0b6bc0dcec89bd1bcbb3519273f8de9135da30b3684f184e65c772830e45ad92
0b8945adf6601a2400f6f3c6937640910ec80b27d9179cfa8e33e9b569a3f10e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba01710f53c4cc3277b37e7c08c66d09196ac040fabb7bb5370aab7d78b77f8
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
11ce102ee7d79bd0a799efc1712f3263a492764c185003bc602b3de9bd3e313a
130391d24e5e878f5eed6b0b166d061f8f03009e6b26d1b5b28af2c8269c14dd
135e5a3a0453547e21f198b1ab431298f70980339ad914c4fbd0e16254d43979
136cf7e0d9d35b112b1519e512a12767a73e2fe2d73875eedc65a74844332332
148a10a7c5a8ae7ac5465e4a810ba0430bc9a7cacaa7f2e62910058d8ec2b5c9
151abd13e8a8005205cff7523540a8c8cf0a85ca3bca60969a14a79314a35627
153816163995b97109a94c93feb2822e5bba0a8a61e3a9ed57d2c4ae0971ad21
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17163514a309a74d5ef535aed787f3be01bc7cfc9a4f94d6645398edf6791761
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1ca3efafdee5245f13018dd0be34d9474659f4103ddeea204848aae9e5c7a75b
1d2f50c8154ffde59eee2e5ea17a9c7e0379f816f8e9c49a8c5d2c2d6dc93b4a
2156038eff7d2881ac962201614eac0c8c90dcd1fc9de423f8895cf4da9012bb
22d84c18e68bb1b5077feafaf53cd895c25f6d38c7c98f6b0f11eeca59537fe7
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
244db8007773ba4a992135005dba7c649f3934012f7cbb1923336c58134a4634
26ceadaf753ea6b36772f15f14170a1ea1ae94ebaf8b542e4b291ab7cbd0df83
286de179916b785507cb2dc05f3dd5ef94330c40365422dc144018112357a1dc
2bc4243c6ad514ffdf8f220a84b2c44b8b687e80ae5b236530012846abf754ea
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f57a84565cda791524849542379afdd4971edcb405803ce74c82a192b0eb458
305d8b8852028738ae4679432e363ef5783d5d975023f361cc8950b492445c26
30d513a8ec41577737b734980100c9721daeecf3e7e9836a539bbe0ac4f0d448
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f
3beb16c6ec1fad4d504801c764196574b86f56c66f97090de0661f4796d95891
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ce0ab709de3d48bfe8ca770a66243f1679a822ea38ff6c3c97f14d9a86ac482
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b64d5b41a149b22d8d000ee5d26800e4a28d31c383d5742444aee4cef36e4b
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44949313c604b4472ff1ef7fc7834736ab03a3219f96491a70d6ef648fa33b62
44c11129f58a06c71060a4087c2d3683e3cd25dfd7bc0c1c4c3b43b3cd0e9792
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45836c60d07911460843308376cdac6cbe30e56b7f8cb80fb68baa0b46f8a290
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
494140099b76c96798050f1ee3ae36510b847d087edb669a216a188da2f7cb59
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50d773d4209aaa2a5d5d7865c1670d1a60e9034f437b082c342e4b9c122bbf9c
50f7208f520fb498a28b7123b922c9229288cf7c3b270c5c441aa84c047f90e7
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
537db6a5c1651d4f8baa5d70d0811fac1725acd33464fb5b6ab2e7c053b01eba
538893ecd165d4babf73160d6626e5b72d81470446e8b8434477c8603962a046
5411b714760f2f7e166cfe940cbe0cb6814757d0ff704828435632960f0017b2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e066a0e6a4295608bf36a02ab71442f3a93ccfc9b1501b85c7558584bf4c3b
5889a5a553b8502e04de5b86586351c08bbf6d4d5eee21deac8b0b8e9e8dfe5a
5a1ddbeff783a01f29d36d8bb187a62d9cc8fffe95616aba3cd5fc080b9e16d2
5bca2d26288afe752682d314bf2f9492e0e169d428f9fcff2d8ead8a2d583ad1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2904ec7b7d27adf5540af959fe710ab94127faf50ba82ca841cadb70be29d6
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b8f18771f7e4918b1dc5cf675e2bc1aa316f5b08516e26103ba368cb018603
63d875689582c18d536bdbc33e09f187866e620a171bd7a604bd3fa7d15ccd76
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
64b814326cfc684df45c6537d55dd24730c411ff0943d45707776c23dc557351
650ef1908f682f981d8fb80f7721c72500b89eda18f49063a614c88e0b5afbf9
675f2ff69b9cd0d08eac89d365830d9a8ac30a6a6249e719e82223832dc40454
67e17eded48efd41da15c98b87275c8c4ef6a641859c4f253f0409219bdcad13
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b4e9e137a0dd1cfb7da6e2f27925cc446f3b3fc79e05ea90f027f91c9fc485d
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6f7db88f64fabe8d2d1e28e202b0a96a4e4a0d7853ccb2be27e755548bf6a8bd
6ffe3e06e87f10c9951b52db90f612780366c729ce623b70a95897818c8094b8
704736337e4fc877b25b5dd24b6efaccdeadf0f3730d3a01b40897f38b7f150e
70fd0b4df9628ff428df614763317c2ce0232db6fd0c5ffdc2de72ae87f252f5
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
7373163162f271ff9b5a013d8e7c3ca9763ce80b69dc839493171e1ebdd9f6ed
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7532022ffcdc7f3b6851e29d8e4c11910b505e90b9e94fc2cc6ed4b5b8cd611d
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
774b16890cefc91391c6a5eae203566e2e6226d078339dffb1ab9f70c6da18d8
78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6
792180698e17019192621dfb6615fb58b7b158c5bcb9c8e08ee92d51bea79791
7c1781abe479d7ea4bb36a3dad324da720c45829b6e8de9d2c8f97e2ea3983ad
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
7c634890a4e176223075f050e505be0edd1373ae8148b183ab8c23f65b141e08
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
7f23724578ef5fd406a791a5e03059827041c355d0ebd9081a5a740a16b95431
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8235cf06504188ba5a15c4d1d64b97fcd1b4219453c4f8784a66238e0b769c4c
82932a8e8382473453096e4dfdd0223611789dafd09182838a79f8e34403b420
836eaea8982a537a79334b80637830bbdbf1c11411a843af9961db21f85d562c
83b1808bc3ec41297fee0dde291a7bede0129e0a7cc5b106c9c4301696b0738a
84a67ba0aeec788f97b31c7abe19c91154e7da46dbda481cf5cbb662a4e98fee
84ff5956551fc72f1de653dbcc731847e839614696a06b6fb65bc900993b6c9c
868598347e776c3829b943070da55edfd1484b7de9b7c66e66268c47777bbff4
86f00e302b11b841fdcba0624bb8f665ae2d410cacff90c001ae60b81d839f8b
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
8b16bb85247609a3de221bd71a9a26dcb4f78cee75fbee8b6e751a16e49a5091
8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2
8c7dfdef0caac43fa7204ba0f046ae06fb8b7dd463627c5a40191e80e4531379
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e741b9754c19e4edc8eef99c8b85bad023692c3618516c220923bc0de471025
8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
919f91d74202fb6408c6eb48a99a201782925dd380fc694fcba6c46678e0412e
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
928a0e26ebe29046fd073cc54ff875ed6e59f506f6156244a80b224753c97895
928a9c9642d5cb3bcfc458aa85b5bb31f26478245dd8ab187e624c1c21a9919a
935a3dedf56a63b7ae889aa5c8d090135428a8e2d5a40d756120d87c7daa38ea
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9618e45f8b50503732008b1f9f18f9535a1fe54c9973400a06b130b2fa9b7635
9b9a8f0dd914699bfa4dae0ae7acb163ea4cc7337c79ea0bcbefaf87f18e4522
9d0eb7c13e2d853751066a1ceb24351c5557b0ab7889254e75a8ac777673a74d
9d51ffab743363599c622d663c66dc987b6538e1342eabb0ede175dbb6863478
9dcdd4dff6dab5e556d07cf571e17a19ce4c7dba8a9b657bee0b9e68b6d5b018
9dd0adea489d39e03c6de9019e92dd29363dc246de25943cd4b5b70eb3b3217b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1ba824aa210d5a76e824133be644d1094bc96f93cd0e029f0d1b61bd9df9e55
a23e46c6b3d5d0cecb997a08030a7bce86ee23a855b4f44ede37573650b17a8c
a4e9197ab98a75cc2f71d7ec25ab8d01960bb196a0d4e8575f5b38cde3dfaf37
a51003115e6640ac72b7a1c6525250bd66ff3cb60f207168c9aef0369c484098
a6eca9fcb49a7b32c8d3bc49371bdae3a3d66d33894b497cdc5297eae4871ee3
a86c6d5bd2df6bb68c3fea0f150874b634289d3d1b0e3d5268fb5ca7be9598bf
a91eb503338209ed142b4cff6c0f2b48225a48ed2ad2290573bb119c778b67c7
aa43b5e5dc80eb8598a092df1000bb4f8331042191f4d938eb2d359164e34bcc
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6eb6bb243d1478a3b5eca03d9c8d8d3e993533ebfec25183880ed73ec57785
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
af3a01e20fbba9da6246a49945791e48be0a7014fbebd42b2f243507aeafd5ad
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b63e543d612152f5b04c6e77f5f8797cb13416c9c2e4440705565bb60d9d8373
b68aa363511b9a822b072c111cfc943c15d0f4ba6721c38f6af363c3e39febf3
b6c04e274736c05543d6a0d31bbf124a4c425bb46624cb7e1c63b0f2a30f4991
b79fa940b87b43ef8345830c83a63541658880b5d588f2b2041e45c4c820918e
b7fe18b7f054ef1a7b9896cbf621e6af957dc5876a432184aa10342f855aebfa
b885670b8d44a105a61e6d2d7ab91ce1069ba87c4bc94e33d2b65910efba0cbf
b938efc37455e8dd2975cd80293391cb956ea9e9d2f551631b9a87e42ef8f8cd
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5f532af6345e8bf058f3e1a36cbdabfde6282b9507bb0cb4ee6c4bc83cf67b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c0ecd932b58294ab2599d9b21128ea71e850b03420157c3d52b5d23c40b47a23
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c4b3dc7e38494e2997533e63e4ef3c3af845d34e3394a3176adc50b76abc9e22
c5ad3f727ef5f17ff632a0cf27ad59f11458e1b4033322e5d2b4b2c3abe09ca5
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
ca46c87f667a6d12edd9ff742b484a702351dbd4adee1c63aac94693dcff6070
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc1e5d6b9623887ead82dc2f2b793390ea9ec97264b8e7277b8d60f92199e2b5
cdb0f14c42e7be3c99f57c8f679fe5a19701b35e1fa7850790bbed48225ab8da
ce05a0d6dd0fe77ccb518745836c84e17e4bb70e26a830ff20a08ed38bbb7019
ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d322f1b181e54ce8f339eb05fe75da1015dc7e2586953ab99fc786f75584ac8c
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d4a05d91d87e255bf599407d00e4989e4e295a486f0031eec767d40f4c3f881c
d69331ade9534ddcc332fbce6e6fe613d1281d7dbbff94a4284006bda717b322
d6af2180435149bf32227691a2901979eb6585b64feaf5ee1e9bdecd60d336c9
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
d873ae1acedbcf4e2c8707878834d3aea6e0ccde8775aa4802f1bd7ef37f9e11
da4f21baec953cbf45d574375c2d4cfc74f066627848485f059e17b56e6d2e40
dbff47271a36fe820103e286232c870b5e35e61ff3c280ec3ae14ef4e78d6648
dc682a8d241c40e8f5f42432694c2576dd19b87aab18c4dc7a4a30a0c2a587a9
dd111969d64cc56fcedff67a9874e35080e33cf189537a931a94466c777f40df
dd65e0acae7b78acd3ba3f1c8232ec07b2232bd8ad5ff865293c171abbe54928
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
dfda628c72c1e7bb5173f97d63dee0f7774f46bb655bd76768c63fc2df6cfaf6
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2b5e86ca512799aa86b6b1e9d5e31f063c1c054012b707d03c0cc4afc6f692e
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c77152429eb47000568a8cfb40d46473ce7d29baab4565e20af0870ff53dd5
e49c2c96744157adab67436cca21d306312b9fa30c5a510bb774e204361dee6c
e4f8b1820e6f5fb883cb545b67148e5ef435dd61b259bdfdef8a279bfd627c26
e551c29f321da5ebb6313c0f96b9618ce75515b76724d343d84ed8eb4f46176e
e76fc56db6a781f7f604b281948d4be6115b7fd1f95d0abc05ca22ec594f8b21
e7926dc4d0147b1cf005939a3cef091028d810de29aae9eac958dd8ad4a09f2a
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9ead4d480831847b3c4fb6e7e37659c7e1f400f5f4a17a1819c9a680d645536
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ec1812d2f699cc696550cea935924d818d817cf38c1260d4a6ce407dc52bcc15
ec4fb46493e3650c9fddf1dd406dfa0d17c3caf113abe94b6e1116aef090b230
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f2be0d99588fd30f81f9d519e27422142ecb0af1d4ed5bc7e81d4eb32fe99978
f33456503f52385557dc2394f9c3ef8a6022b537f7d83b3d624f6d3f7983478c
f472dd52d6f65b4b97bc36b487d50947f3f6d60ea051857c0a0f914b8eb06fdb
f54d5a0cac8cdcec230f983af5f8911319e1413035fa928dd2aa7ad420b69566
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f95af4f6e53e5366939315ddfe532a7200fb36e62163b95b855847f141206d61
f96211e10241b6f153e1ef2c6bdffd3d95f5dff303a70fcdd4ebf5665b3bb3d0
fa7eb16497b7b9eb5b2a3e6687e269ba7a645b4c3a44a48fe050f6ae4de3e5c2
fa7f1b1b1cd6d7a6b6a885f39378748b389dfa16a94aa55c5e141e14f72f8ba5
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

hayat.ba Open in urlscan Pro 178.23.184.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

388 Requests

92 %HTTPS

41 %IPv6

41 Domains

71 Subdomains

67 IPs

11 Countries

6737 kBTransfer

14795 kBSize

30 Cookies

9 Outgoing links

Page URL History

Redirected requests

388 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hayat.ba Open in urlscan Pro
178.23.184.42 Public Scan

Screenshot
Live screenshot

Full Image

388
Requests

92 %
HTTPS

41 %
IPv6

41
Domains

71
Subdomains

67
IPs

11
Countries

6737 kB
Transfer

14795 kB
Size

30
Cookies

388 HTTP transactions
8 data transactions