ko.dll-files.com Open in urlscan Pro
89.187.169.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ko.dll-files.com/
Effective URL:
https://ko.dll-files.com/
Submission: On October 27 via manual (October 27th 2021, 3:20:36 am UTC) from JP — Scanned from DE

Summary HTTP 202 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 36 domains to perform 202 HTTP transactions. The main IP is 89.187.169.47, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is ko.dll-files.com.
TLS certificate: Issued by R3 on October 24th 2021. Valid for: 3 months.

This is the only time ko.dll-files.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.149.118 52.222.149.118	16509 (AMAZON-02) (AMAZON-02)
2	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
4	18.194.49.170 18.194.49.170	16509 (AMAZON-02) (AMAZON-02)
1	52.222.149.104 52.222.149.104	16509 (AMAZON-02) (AMAZON-02)
5	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	157.240.20.19 157.240.20.19	32934 (FACEBOOK) (FACEBOOK)
12	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
2	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
1 3	157.240.20.35 157.240.20.35	32934 (FACEBOOK) (FACEBOOK)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
20	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 7	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
1 7	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
12	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
20	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
5	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
24	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
3	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
12	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
11 14	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
3 3	18.184.28.154 18.184.28.154	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.217.206 18.195.217.206	16509 (AMAZON-02) (AMAZON-02)
5 5	52.215.68.151 52.215.68.151	16509 (AMAZON-02) (AMAZON-02)
1 6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
3 4	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	213.155.156.185 213.155.156.185	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
202	42

7 89.187.169.47 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

ko.dll-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.149.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-118.cdg52.r.cloudfront.net

m2d.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.49.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-49-170.eu-central-1.compute.amazonaws.com

a3.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-104.cdg52.r.cloudfront.net

cdn.pubguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.20.35 (United States) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.53 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

monetizemore-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.130 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Ascension Island) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.110.162 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-110-162.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.28.154 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-28-154.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.217.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-217-206.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.215.68.151 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-68-151.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.252 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.178 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Ascension Island) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.112.63 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	283 KB
34	doubleclick.net 11 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	269 KB
20	yahoo.com c2shb.ssp.yahoo.com	2 KB
20	google.com 1 redirects fundingchoicesmessages.google.com www.google.com adservice.google.com	84 KB
12	2mdn.net s0.2mdn.net	516 KB
11	pubmatic.com hbopenbid.pubmatic.com Failed ads.pubmatic.com image2.pubmatic.com image6.pubmatic.com image4.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	33 KB
9	openx.net monetizemore-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
9	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	26 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	91 KB
7	dll-files.com 1 redirects ko.dll-files.com	221 KB
5	bidr.io 5 redirects match.prod.bidr.io	3 KB
5	googletagservices.com www.googletagservices.com	173 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	96 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	pubguru.net a3.pubguru.net	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	facebook.com 1 redirects www.facebook.com	343 B
3	google-analytics.com www.google-analytics.com	20 KB
3	m2.ai m2d.m2.ai	168 KB
2	onaudience.com 2 redirects pixel.onaudience.com	719 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	facebook.net connect.facebook.net	78 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	72 KB
1	simpli.fi um.simpli.fi	610 B
1	bluekai.com tags.bluekai.com	304 B
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com 1 redirects pixel.quantserve.com	500 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	lijit.com ap.lijit.com	649 B
1	pubguru.com cdn.pubguru.com	4 KB
202	36

	Domain	Requested by
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com ko.dll-files.com tpc.googlesyndication.com
20	c2shb.ssp.yahoo.com	m2d.m2.ai
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net eu-u.openx.net
12	s0.2mdn.net	ko.dll-files.com s0.2mdn.net
12	fundingchoicesmessages.google.com	cdn.pubguru.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ko.dll-files.com
7	www.google.com	1 redirects ko.dll-files.com f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com tpc.googlesyndication.com
7	ib.adnxs.com	3 redirects m2d.m2.ai googleads.g.doubleclick.net
7	ko.dll-files.com	1 redirects ko.dll-files.com
6	googleads.g.doubleclick.net	f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com ko.dll-files.com
5	match.prod.bidr.io	5 redirects
5	eu-u.openx.net	m2d.m2.ai eu-u.openx.net
5	f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	m2d.m2.ai f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
5	fonts.gstatic.com	ko.dll-files.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	image2.pubmatic.com	1 redirects ads.pubmatic.com
4	googleads4.g.doubleclick.net	ko.dll-files.com
4	a3.pubguru.net	m2d.m2.ai
3	sync.mathtag.com	3 redirects
3	us-u.openx.net	eu-u.openx.net
3	x.bidswitch.net	3 redirects
3	www.gstatic.com	f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
3	fonts.googleapis.com	f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com s0.2mdn.net
3	www.facebook.com	1 redirects ko.dll-files.com connect.facebook.net
3	www.google-analytics.com	ko.dll-files.com www.google-analytics.com
3	m2d.m2.ai	ko.dll-files.com
2	ade.googlesyndication.com
2	simage2.pubmatic.com	ads.pubmatic.com
2	pixel.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	pm.w55c.net	2 redirects
2	ads.pubmatic.com	m2d.m2.ai ads.pubmatic.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	ko.dll-files.com connect.facebook.net
2	ajax.googleapis.com	ko.dll-files.com
2	maxcdn.bootstrapcdn.com	ko.dll-files.com maxcdn.bootstrapcdn.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	tags.bluekai.com	ads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	secure.adnxs.com	acdn.adnxs.com
1	image6.pubmatic.com	ads.pubmatic.com
1	match.adsrvr.org	eu-u.openx.net
1	pixel.quantserve.com	1 redirects
1	rtb-csync.smartadserver.com	eu-u.openx.net
1	bh.contextweb.com	1 redirects
1	acdn.adnxs.com	m2d.m2.ai
1	adservice.google.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	m2d.m2.ai
1	monetizemore-d.openx.net	m2d.m2.ai
1	ap.lijit.com	m2d.m2.ai
1	cdn.pubguru.com	m2d.m2.ai
0	hbopenbid.pubmatic.com Failed	m2d.m2.ai
202	57

This site contains links to these domains. Also see Links.

Domain
www.dll-files.com
pt.dll-files.com
de.dll-files.com
cn.dll-files.com
fr.dll-files.com
es.dll-files.com
jp.dll-files.com
ru.dll-files.com
tr.dll-files.com
forum.dll-files.com

Subject Issuer	Validity	Valid
ko.dll-files.com R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.m2.ai Amazon	`2021-01-14` - `2022-02-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.pubguru.net Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh

This page contains 23 frames:

Primary Page: https://ko.dll-files.com/
Frame ID: CB34A6B199030CB196E3C993438A7C44
Requests: 82 HTTP requests in this frame

Frame: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0191880E33EEC64E963ADD364B41725B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34883cd9935a48%2526domain%253Dko.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fko.dll-files.com%25252Ff17e5daf4813994%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px
Frame ID: E9816D64FD2B88C49287EE527C473242
Requests: 1 HTTP requests in this frame

Frame: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E1846373E661A5E971E2D34E27858AA
Requests: 16 HTTP requests in this frame

Frame: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 48BBBE9F665B8D92EA90E0C3C2EF6DEC
Requests: 16 HTTP requests in this frame

Frame: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC3A4325F131897FEAD1A87318633854
Requests: 9 HTTP requests in this frame

Frame: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 52AF62B1B2F18DA40936F66A1E3FC6A2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNVNRY8lXLmZrIsJ-K_w98I_CR8eHXvnvjes1PtBTcPAQIrcPG3Nv-G9iqNNKL0_bBGU1FfI0nEC0fZb3VHzKTIZ9MdFtT8aTmHds1ca40750QETIXo
Frame ID: 4A66184FD2ECF859EDAD598FF651D03B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNWaTcPuCgOMFOi6tb0muY1CUAQ20CV8Nmxi-MfL_C4n7mrWj_kq2fgHNt8bviDx2qWubxH7UtV8zmHr5vPv5bR02ENJlq0fT9wQKejj3_CnZGo4sSE
Frame ID: 1C9A74AF379DA3E013C0550452F5076A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html
Frame ID: 5BC0053EF838C497B3015E23A2EB88B0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: BDAE4121D7B6E197331C403563CC5F2A
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 458B796B01B33C3228209D231AD72153
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 05C6653FC3CDD7DF1C3D976F8696140D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8BE5D8666CE182587DECD17E1193C7EC
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/9605446/1627388849932/index.html
Frame ID: A1DA749048B199197F9C9799FD95709B
Requests: 37 HTTP requests in this frame

Frame: https://s0.2mdn.net/9605446/1627388849932/index.html
Frame ID: 1F4CF8BB29B00095994F028103BC2383
Requests: 37 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3EB9FBDCE84657C88B377D2B27415FE0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A314DCFC5558616DE0C14E917B234E49
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 63C40AAE361DE65584568AEEB180CC82
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Frame ID: A339C6F1C29ADCC60F77ECEA281449C8
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2273072B3E0EA7798F95FE351611A2B3
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=80075D1F-4CCE-4287-A706-801D93D9CFAC
Frame ID: 083A327736D8528B235A24C1C11C1FD5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7091551555055579734
Frame ID: ABC58FE22878DD260B1C9D49914725C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

누락된 DLL 파일들을 무료로 다운로드받으세요 | DLL‑files.com

Page URL History Show full URLs

http://ko.dll-files.com/ HTTP 301
https://ko.dll-files.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

202
Requests

99 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

42
IPs

8
Countries

2177 kB
Transfer

5983 kB
Size

64
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dll-files.com/
Title: English

Search URL Search Domain Scan URL

URL: https://pt.dll-files.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://de.dll-files.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://cn.dll-files.com/
Title: 中文 (zhōngwén)

Search URL Search Domain Scan URL

URL: https://fr.dll-files.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://es.dll-files.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://jp.dll-files.com/
Title: 日本語 (にほんご)

Search URL Search Domain Scan URL

URL: https://ru.dll-files.com/
Title: Русский

Search URL Search Domain Scan URL

URL: https://tr.dll-files.com/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://forum.dll-files.com/
Title: 포럼

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ko.dll-files.com/ HTTP 301
https://ko.dll-files.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://www.facebook.com/v2.8/plugins/page.php?app_id=153851522244&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34883cd9935a48%26domain%3Dko.dll-files.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fko.dll-files.com%252Ff17e5daf4813994%26relation%3Dparent.parent&container_width=342&href=https%3A%2F%2Fwww.facebook.com%2Fdllfiles%2F&locale=en_US&sdk=joey&width=500px HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34883cd9935a48%2526domain%253Dko.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fko.dll-files.com%25252Ff17e5daf4813994%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXjFcyHwHfAkN51r4NSYLwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

Request Chain 129

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXjFcyHwHfAkN51r4NSYLwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1

Request Chain 131

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 239

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7v3Fg7dS1MFzue5

Request Chain 240

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=e2a203ee-fb30-4724-9db7-d7e76d77678a HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=e2a203ee-fb30-4724-9db7-d7e76d77678a HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b015d601-6e53-4659-9c17-45d7bc0506e9&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e2a203ee-fb30-4724-9db7-d7e76d77678a

Request Chain 241

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5157753868864802999

Request Chain 242

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFMNGQwN0M4WXNBQURXSUd5M0tUQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAL4d07C8YsAADWIGy3KTA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAL4d07C8YsAADWIGy3KTA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAL4d07C8YsAADWIGy3KTA&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL4d07C8YsAADWIGy3KTA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 243

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=567f6178-c576-4400-a3e2-98085eefcd6e

Request Chain 244

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EBkZYUUdGW8LHx1pQhoDYRcQSG4LTh1qEE02LTwl

Request Chain 245

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2154403817951648499

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVXY-phb-g45fau4u65ooE&google_cver=1

Request Chain 252

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7091551555055579734

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gAddH0zOQoenBoAdk9nPrA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 254

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567f6178-c576-4400-a3e2-98085eefcd6e

Request Chain 255

https://pixel.onaudience.com/?partner=214&mapped=80075D1F-4CCE-4287-A706-801D93D9CFAC HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=93661f191c6d732e

Request Chain 256

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODAwNzVEMUYtNENDRS00Mjg3LUE3MDYtODAxRDkzRDlDRkFD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOr3hNIHPPfN2xRMU9b3SNI&google_cver=1

Request Chain 259

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:567f6178-c576-4400-a3e2-98085eefcd6e&gdpr=0&gdpr_consent=

Request Chain 260

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2154403817951648499

202 HTTP transactions
63 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ko.dll-files.com/
Redirect Chain

http://ko.dll-files.com/
https://ko.dll-files.com/

16 KB
5 KB

25ms
9ms

Document
text/html

89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ko.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: f22c2be09a3719ea414b89a5fd13c7b67cc16808ec73506080dc7992c4ea9ad2

Request headers

:method: GET
:authority: ko.dll-files.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 27 Oct 2021 03:20:15 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-DE1-756
cdn-pullzone: 93082
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cdn-requestcountrycode: US
cache-control: public, max-age=604800
cdn-proxyver: 1.0
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/20/2021 15:31:03
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 2e9d36155099d5b91328a2cef1e0bf5a
cdn-cache: HIT
content-encoding: br

Redirect headers

Date: Wed, 27 Oct 2021 03:20:15 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Server: BunnyCDN-DE1-756
CDN-PullZone: 93082
CDN-Uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
CDN-RequestCountryCode: US
Location: https://ko.dll-files.com/
CDN-RequestId: 1c258cb196b674b6ba6d1a30e488bba6

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 208ms
26ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 16148869
cdn-cachedat: 2021-04-23 07:30:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: db0d5d4116b45a4e6ed2f6ec1d4ab5de
cf-ray: 6a48c999aea62774-PRG
cdn-requestcountrycode: CZ
cdn-requestpullsuccess: True

GET
H2 200 build-202004271004.css
ko.dll-files.com/assets/build/css/ 392 KB
123 KB 481ms
479ms Stylesheet
text/css 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ko.dll-files.com/assets/build/css/build-202004271004.css
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 8a4d0cf7b4b7d0c66f12c688b7a36189b43579094b1e95b603b16cca9dc6d3ad

Request headers

:path: /assets/build/css/build-202004271004.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ko.dll-files.com
referer: https://ko.dll-files.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:15 GMT
content-encoding: br
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 10/27/2021 05:20:15
cdn-pullzone: 93082
server: BunnyCDN-DE1-756
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Wed, 03 Nov 2021 03:20:15 GMT
last-modified: Mon, 27 Apr 2020 10:08:29 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding Accept-Encoding
content-type: text/css
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=604800
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cdn-requestid: fdd0941885d202bf47b9766bb4ea2966
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pghb.dll-files.js Show response
m2d.m2.ai/ 610 KB
168 KB 593ms
412ms Script
application/javascript 52.222.149.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pghb.dll-files.js
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-118.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d69d2e898ca79f657bfc06ad0106b96a849e3a3899301964f3de6241f83fd60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:16 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 16:06:31 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P1
etag: W/"8611e34cbcb8bffc28608b59764ead22"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-id: G3fWNWMxUovTmB8g2ZoCcSNNvVa7AJ0SjyFYC2i7ClB8LYnNFAZeAQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 186ms
8ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 19:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 23 Oct 2022 19:50:52 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 194ms
16ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 26 Oct 2022 17:33:58 GMT

GET
H2 200 autotrack.js Show response
ko.dll-files.com/assets/js/vendor/ 13 KB
4 KB 452ms
450ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ko.dll-files.com/assets/js/vendor/autotrack.js
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 2f4fe1dc13f9d98546fef63ee21e93ec60031faad7fe301c5fddc3de87efe8d3

Request headers

:path: /assets/js/vendor/autotrack.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ko.dll-files.com
referer: https://ko.dll-files.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:15 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 10/27/2021 05:20:15
cdn-pullzone: 93082
cdn-requestpullsuccess: True
server: BunnyCDN-DE1-756
last-modified: Wed, 09 Oct 2019 12:17:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cdn-cache: MISS
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: c496212a5aff711957a7ec738e9b4535
cdn-requestcountrycode: US
cdn-status: 200
expires: Wed, 03 Nov 2021 03:20:15 GMT

GET
H2 200 main.js Show response
ko.dll-files.com/assets/js/ 12 KB
3 KB 539ms
538ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ko.dll-files.com/assets/js/main.js
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 705f8cdc15c1fd8b6ad8780a5a4a4db7bb659ac4c1d2f290fb5be77e3859f86b

Request headers

:path: /assets/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ko.dll-files.com
referer: https://ko.dll-files.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:15 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 10/27/2021 05:20:15
cdn-pullzone: 93082
cdn-requestpullsuccess: True
server: BunnyCDN-DE1-756
last-modified: Thu, 06 Feb 2020 10:23:17 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cdn-cache: MISS
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: 57171a474d7e931d53316c10ada8ca09
cdn-requestcountrycode: US
cdn-status: 200
expires: Wed, 03 Nov 2021 03:20:15 GMT

GET
H2 403 pg.dll-files.js
m2d.m2.ai/ 0
0 545ms
364ms Script
application/xml 52.222.149.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pg.dll-files.js
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-118.cdg52.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 / Show response
a3.pubguru.net/ 140 B
438 B 41ms
10ms XHR
application/json 18.194.49.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/?device=desktop&publisher=1024326

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.49.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-49-170.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

a47498970be7305fdbc8a3363818528d0c848f7bf897e1cae343e2b0b2105dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:16 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://ko.dll-files.com
x-frame-options: DENY
content-type: application/json
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 1
vary: Origin
content-length: 140
x-xss-protection: 1; mode=block

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
353 B 18ms
18ms XHR
text/plain 18.194.49.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=immediate

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.49.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-49-170.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 03:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://ko.dll-files.com
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 1
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 gfc.js Show response
cdn.pubguru.com/ 8 KB
4 KB 216ms
21ms Script
application/javascript 52.222.149.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pubguru.com/gfc.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-104.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 1zDVHlGcx640ZLzoe7igwdx1_E7DY9Fe
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 11:40:16 GMT
server: AmazonS3
age: 72263
etag: W/"c1441c4083795f70984ad8988cab61ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba7789e51500bb7b69a0c33a90aec411.cloudfront.net (CloudFront)
date: Tue, 26 Oct 2021 07:15:54 GMT
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: rpOHH8koXGiOwGZpwCUucTVGfGtSyV5NT7lg4NUGh__4cMACidRtuw==

GET
H2 200 dll-gear-137.png
ko.dll-files.com/assets/img/ 6 KB
7 KB 120ms
111ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ko.dll-files.com/assets/img/dll-gear-137.png
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/assets/build/css/build-202004271004.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 75102b36e4a9ed753c8281016c79cf19cbeec12e68cf0d6e06106243b11b1ac5

Request headers

:path: /assets/img/dll-gear-137.png
pragma: no-cache
cookie: pg_session_depth=1; pg_geo={"country":"DE","region":"HE","ip":"216.131.114.37"}; pg_custom_timeout=; pg_ip=216.131.114.37
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ko.dll-files.com
referer: https://ko.dll-files.com/assets/build/css/build-202004271004.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/assets/build/css/build-202004271004.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:16 GMT
cdn-edgestorageid: 756
cdn-cachedat: 10/27/2021 05:20:16
cdn-pullzone: 93082
cdn-requestpullsuccess: True
content-length: 6341
server: BunnyCDN-DE1-756
last-modified: Wed, 09 Oct 2019 12:17:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/png
cdn-cache: MISS
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: 11496d1333edef8362169bc23868c902
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
expires: Wed, 03 Nov 2021 03:20:16 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 16 KB
16 KB 129ms
9ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/assets/build/css/build-202004271004.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Origin: https://ko.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 13:18:19 GMT
x-content-type-options: nosniff
age: 396117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 13:18:19 GMT

GET
H2 200 hero-3840.jpg
ko.dll-files.com/assets/img/ 78 KB
79 KB 263ms
261ms Image
image/jpeg 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ko.dll-files.com/assets/img/hero-3840.jpg
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/assets/build/css/build-202004271004.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 7db0f5798491f765b194138be25843a2c8f20c98de241887c1881ef641901fdc

Request headers

:path: /assets/img/hero-3840.jpg
pragma: no-cache
cookie: pg_session_depth=1; pg_geo={"country":"DE","region":"HE","ip":"216.131.114.37"}; pg_custom_timeout=; pg_ip=216.131.114.37
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ko.dll-files.com
referer: https://ko.dll-files.com/assets/build/css/build-202004271004.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/assets/build/css/build-202004271004.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:16 GMT
cdn-edgestorageid: 756
cdn-cachedat: 10/27/2021 05:20:16
cdn-pullzone: 93082
cdn-requestpullsuccess: True
content-length: 80192
server: BunnyCDN-DE1-756
last-modified: Wed, 09 Oct 2019 12:17:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
content-type: image/jpeg
cdn-cache: MISS
cdn-uid: c26db734-3cc8-4468-9ce1-1f2306cc2c8f
cache-control: max-age=604800
cdn-requestid: 4a273253b9e1f3bf5147a9b191eed8d2
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
expires: Wed, 03 Nov 2021 03:20:16 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 15 KB
16 KB 74ms
18ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/assets/build/css/build-202004271004.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Origin: https://ko.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 03:12:49 GMT
x-content-type-options: nosniff
age: 432447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 03:12:49 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 108ms
46ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://ko.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-07-24 16:51:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a2f7fcc0fa4618cf0f33bcb79eb29647
accept-ranges: bytes
cf-ray: 6a48c99f2f564108-PRG
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 16 KB
16 KB 56ms
19ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/assets/build/css/build-202004271004.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Origin: https://ko.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 13:16:59 GMT
x-content-type-options: nosniff
age: 568997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 13:16:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
15ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4750
date: Wed, 27 Oct 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Wed, 27 Oct 2021 04:01:06 GMT

GET
H2 403 pg.dll-files.js
m2d.m2.ai/ 0
0 382ms
361ms Script
application/xml 52.222.149.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pg.dll-files.js
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-118.cdg52.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 101ms
7ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

1eda347602de8e583fc1bd8ed96d863d87edd05e398bdebd52aadd7f1bfd4387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lcK/5Z/wV1X4l3kIzHVs+Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: jm875j7w0jeiHkGDdVK62WYwFouGa1RqfzwnbxjB8czMJvvWZ+BuCnkvVLijKvM2K6zA7BSJmC7JhJ9869204w==
x-fb-trip-id: 686109401
x-fb-content-md5: cf9037542b58fc702d96fdc3c2688d70
x-frame-options: DENY
date: Wed, 27 Oct 2021 03:20:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4e9206d0ae08a15e18e5df53e3693081"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Oct 2021 03:21:10 GMT

GET
H2 200 AGSKWxXXKqatgGDojpzA_h1cE74BQIPc51uSs-Rf5M-7xDOQoiSx9SVjtwqD_HzGgZBGQpplqBgV2yqjDH2p3LbOJq8= Show response
fundingchoicesmessages.google.com/f/ 77 KB
28 KB 90ms
52ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXKqatgGDojpzA_h1cE74BQIPc51uSs-Rf5M-7xDOQoiSx9SVjtwqD_HzGgZBGQpplqBgV2yqjDH2p3LbOJq8=

Requested by

Host: cdn.pubguru.com
URL: https://cdn.pubguru.com/gfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

46105eef1f302df8fb9084af45e7840ecf3a3e30d78d115f2bdc1ef490f1ee48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tEtStfuplKm+8UfIdswiGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tEtStfuplKm+8UfIdswiGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-tEtStfuplKm+8UfIdswiGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tEtStfuplKm+8UfIdswiGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 271 KB
76 KB 27ms
13ms Script
application/x-javascript 157.240.20.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7202ad89c9a021f9e0b47664e1d3c8c1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.19 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frt3.fbcdn.net

Software

Resource Hash

9560586a1c5a1aba86dde20bc12574ab62db38fc7533431e2b77f2b5cc9685b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ko.dll-files.com/
Origin: https://ko.dll-files.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: O9D6GWdY3bZIH7RKDdtPCQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 77999
x-fb-rlafr: 0
x-fb-debug: AcKPER90EUCrBC0SHFlF/wH1+RwkCvFIV/xIsj3IxirxUsN3rd89GIE8rlHKJvckig07FebShSOoHUwPjckrBQ==
x-fb-content-md5: 1125c2fa9a0b344ce0b8b27429c0e84a
x-frame-options: DENY
date: Wed, 27 Oct 2021 03:20:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "2d4bfeaf6753dbeff6301779101aa7f4"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Oct 2022 02:36:47 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 76ms
54ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1253242368&t=pageview&_s=1&dl=https%3A%2F%2Fko.dll-files.com%2F&ul=en-us&de=UTF-8&dt=%EB%88%84%EB%9D%BD%EB%90%9C%20DLL%20%ED%8C%8C%EC%9D%BC%EB%93%A4%EC%9D%84%20%EB%AC%B4%EB%A3%8C%EB%A1%9C%20%EB%8B%A4%EC%9A%B4%EB%A1%9C%EB%93%9C%EB%B0%9B%EC%9C%BC%EC%84%B8%EC%9A%94%20%7C%20DLL%E2%80%91files.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAAEADAAAAAC~&jid=2011895519&gjid=1333211364&cid=373602523.1635304817&tid=UA-190292-2&_gid=1552788102.1635304817&_r=1&_slc=1&cd1=d-0&did=i5iSjo&z=1592276081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVDXlEQ1-s7PFSojhg4BPQ2JempBqegFN_yTi3TQHZC19O68gqmo7Y59wamqSc_Qmng87u4We14M9gzYM95kxg= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 40ms
22ms XHR
text/html 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVDXlEQ1-s7PFSojhg4BPQ2JempBqegFN_yTi3TQHZC19O68gqmo7Y59wamqSc_Qmng87u4We14M9gzYM95kxg=?pvid=8C34B8C2-52A0-481F-BF99-A65E33B8137D&anonid=33FD30FE-0166-426B-AA45-6F9ACF313C2A

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WzwhLVl0EYc.es5.O/d=1/rs=AJlcJMwcTQRLT_WS1-E0Vnfa37vb6ryKaQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KfSfDMioy2I5aDwF74tbJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KfSfDMioy2I5aDwF74tbJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-KfSfDMioy2I5aDwF74tbJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-KfSfDMioy2I5aDwF74tbJg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWZZsdNiCoJ0FsRMpMkmsPSmLu2DdpdRVyqnBQiHgDtYFwLcv5PmnVHZQi46NF-gZICBKT_ItdGcfNT-A2Z56s= Show response
fundingchoicesmessages.google.com/f/ 43 KB
16 KB 55ms
39ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZZsdNiCoJ0FsRMpMkmsPSmLu2DdpdRVyqnBQiHgDtYFwLcv5PmnVHZQi46NF-gZICBKT_ItdGcfNT-A2Z56s=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MzA0ODE2LDk5NzAwMDAwMF0sIjhDMzRCOEMyLTUyQTAtNDgxRi1CRjk5LUE2NUUzM0I4MTM3RCIsIjMzRkQzMEZFLTAxNjYtNDI2Qi1BQTQ1LTZGOUFDRjMxM0MyQSIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8va28uZGxsLWZpbGVzLmNvbS8iXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

b214133aa4cf062eefa27c1f8cc2cb1632bddf5dc0bc3f40371efffc3d034f19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rzXqFX7yVxkWm3nJzhe2Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rzXqFX7yVxkWm3nJzhe2Rg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-rzXqFX7yVxkWm3nJzhe2Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-rzXqFX7yVxkWm3nJzhe2Rg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
412 B 234ms
23ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-190292-2&cid=373602523.1635304817&jid=2011895519&gjid=1333211364&_gid=1552788102.1635304817&_u=YGBAAEACAAAAAC~&z=1927683476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 03:20:17 GMT
content-type: text/plain
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 188ms
8ms Image
image/gif 157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=153851522244&ev=fb_page_view&dl=https%3A%2F%2Fko.dll-files.com%2F&rl=&if=false&ts=1635304817012&sw=1600&sh=1200&at=

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 27 Oct 2021 03:20:17 GMT

POST
H2 200 stream
a3.pubguru.net/ 0
0 23ms
9ms Ping
text/plain 18.194.49.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a3.pubguru.net/stream?beacon=test
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.49.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-49-170.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ko.dll-files.com
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 214ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ddde94bebf0af43a6253664d2099c9b4cce48cf7640aae6fbfa2aa900d25a280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1025 / 162 of 1000 / last-modified: 1635285960"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27288
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 03:20:17 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 184ms
23ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149ad5bab01b1&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 81d017f72b27d1f13744e89003bc5178e273b0e6d1553110eef7e0046dc8dd36

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 204ms
44ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a49aff0a901b1&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2ce56d0c7087d4196a93b3363b4e55eed688ae0d1f306ce852c65d816c9a38a0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 183ms
24ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c69049b285130186&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 014f58b5df35da5943b1a6d36f0d3e24018d5cbbcfdbaa80e27875cb25a660bd

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 182ms
23ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c69049b3fc1a0188&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 96ccead8047bb79d9dba0929b5da5681898d8263246e03c017fb11137fa3af74

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 173ms
15ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149b4e06c01b4&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: bd02a29f6b810c1386e2f9c01d703fe117027b5f6336b1744c61b45c4ffc14a1

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
293 B 171ms
14ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149bc1b1501b5&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f2d2e8ff2f876f8cf2f00dccf5a777aa252d26e428ba6bff6bb47b8c89f476df

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 191ms
35ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a49be088a01b3&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: af07093adcff6256f040007235c05bc6cb1bd3b5a358d1161b204cdff4c5e250

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 191ms
36ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c69049c1e655018b&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 7e81d66a1058921a1c677c86138f3021cf51b9a864965b3fc1072cec21df18fd

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 183ms
28ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca0149c5924501b8&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 99b6492ba8d5acbc87c2c76bf8496193850cdf053e173b26348e695adab47601

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 191ms
37ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a065f6a0224&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f01b05491239ee65d72ef65afb5a3e975070f93abc6a49921d812242bfde92c3

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 184ms
30ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a06cf2c0225&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ee452bd87db6b26bfc4c62324b0d46ec3d9dcb79f39fbf2591c7e142dc131594

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 183ms
30ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a071ef60226&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 75c3e03ca08b72a46a69ea073a04e52f632dfe147e286a5fdde21919706a180e

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 188ms
36ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a076e620227&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 52a49f005ef8ebbce5ac9c8fa870a81f202e535af135e26a4e5571696d93eefb

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 180ms
28ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c6904a07c14401f5&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4991e87727ddabbde4d293a7fd4e6ed4975d745d8d818111f0bfc75d131d35ff

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 187ms
36ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96907201777748ca014a0819820206&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 48d9344bc507c57d11f44f5585cb15e33f937b24e88ccf40aec901ff1c153ef6

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 180ms
29ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a0886230228&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d707b7a49b2f9bfa654c7b2d010b989614ceaf4700b0e561a36e392a8f8dda38

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 175ms
27ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c6904a0989c801f7&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ef6a2186f920e43392336f5191c5e5a2b6e3f4f03cdad4f0f2479bfa746a86eb

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 176ms
28ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c6904a0a753401f9&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d6693e4b2de3384a7fcdc6c414a765ffd223f2b3c4d81bc4edc53931aa3be3e0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 171ms
24ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a96956701777748ce2a4a0ae710022d&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 581b1bbe5fa490c9c496e65c005738bcaf80acd355453bbe45901e5c91e28b61

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 174ms
27ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969d4401777748c69049ab6e680183&pos=8a969d4401777748c690530fa74b0401&cmd=bid&secure=1
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ab0a6fc2283951e1cf634e802afa52433168a31257f4d6cd60c9cecfcc44621c

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 25 B
649 B 182ms
41ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.3.0
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 2337b4fa262d291f8f064d613397ac02063c15cf13d45569cd2e0afbb6e7c5ca

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 27 Oct 2021 03:20:17 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ko.dll-files.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 25

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 KB
12 KB 377ms
240ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

234c3a2fcf85b10065ae938136365e10702c991f1dc852fa928884bdfe9b331e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 27 Oct 2021 03:20:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: aef4723a-ff54-4c61-86ba-e45326cce9e6
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ko.dll-files.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
8 KB 317ms
182ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bc469fbf5caccce7feaaa71bf2129911b2a5f9141fb6184994189da67fa10d34

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 27 Oct 2021 03:20:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c6e9e869-0268-44e3-8167-32b6f848eef0
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ko.dll-files.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
monetizemore-d.openx.net/w/1.0/ 174 B
563 B 222ms
85ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monetizemore-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fko.dll-files.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=7716fa6d-f982-4c5e-a6cf-3fa4f1064652%2C7716fa6d-f982-4c5e-a6cf-3fa4f1064652%2C0f8ac3a6-1e6b-41ef-83df-d5c6dd2f3034%2C7a15c314-9ba8-41a9-95c6-eb2d602c296f%2C7a15c314-9ba8-41a9-95c6-eb2d602c296f%2C4fc959e8-8f09-41d8-bc7a-6f0a47f67b4e%2C4fc959e8-8f09-41d8-bc7a-6f0a47f67b4e%2Cea933c48-c1e5-47ce-b7fe-0f5cd6350c99%2Cea933c48-c1e5-47ce-b7fe-0f5cd6350c99%2C25f7a75d-3f30-4aed-a7fd-7a7664aee74a%2C25f7a75d-3f30-4aed-a7fd-7a7664aee74a%2Cdc92ec49-d32a-46d8-8912-42aa7f5ee5b9%2Cdc92ec49-d32a-46d8-8912-42aa7f5ee5b9%2Ce7a19266-2356-4ead-b137-de3c4ed66393%2C378540c8-4c69-4829-a7ed-cac5b569740b%2C378540c8-4c69-4829-a7ed-cac5b569740b%2C8e6246d3-c5fb-46e3-8939-e2675e41ddcf%2C39a6ca0b-5576-4a27-93df-54b87b19fb8a%2C39a6ca0b-5576-4a27-93df-54b87b19fb8a&nocache=1635304817081&pubcid=7f334ee2-4358-4cf8-85e7-4a70fd8c01ce&aus=300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C250x250%2C300x250%2C300x600%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C120x600%2C160x600%2C300x600%2C300x1050%7C728x90%2C970x90%2C970x250%2C970x415%7C728x90%2C970x90%2C970x250%2C970x415%7C250x250%2C300x250%2C336x280%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120%7C300x100%2C468x60%2C728x90%2C970x90%2C970x250%2C980x120&divIds=%252F1024326%252Fdll_bottom_banner%2C%252F1024326%252Fdll_bottom_banner%2C%252F1024326%252Fdll_file_page_in_text%2C%252F1024326%252Fdll_full_width_in_content%2C%252F1024326%252Fdll_full_width_in_content%2C%252F1024326%252Fdll_full_width_in_content_2%2C%252F1024326%252Fdll_full_width_in_content_2%2C%252F1024326%252Fdll_full_width_in_content_3%2C%252F1024326%252Fdll_full_width_in_content_3%2C%252F1024326%252Fdll_full_width_in_content_4%2C%252F1024326%252Fdll_full_width_in_content_4%2C%252F1024326%252Fdll_full_width_in_content_5%2C%252F1024326%252Fdll_full_width_in_content_5%2C%252F1024326%252Fdll_post_download_side%2C%252F1024326%252Fdll_post_download_top%2C%252F1024326%252Fdll_post_download_top%2C%252F1024326%252Fdll_post_download_top_box%2C%252F1024326%252Fdll_top_banner%2C%252F1024326%252Fdll_top_banner&auid=541080632%2C541080633%2C541080673%2C541080677%2C541080678%2C541080687%2C541080690%2C541080699%2C541080700%2C541080703%2C541080704%2C541080705%2C541080706%2C541080710%2C541080723%2C541080726%2C541080755%2C541080759%2C541080761&
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4ef68d1de5ac433f972d742aff90bc5e52d894ffeae52853f2231105b358cfed

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:17 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ko.dll-files.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 168ms
35ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-190292-2

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

dbae8be395eaf65bffda6bb03402a2422fb672157eb9f96af9ef3d7d5a9815dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35720
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Oct 2021 03:20:17 GMT

POST
H3 204 AGSKWxW7WjNwbH5NLQdzwoLjLISEvxOV0P5FspVJD-imZ8kCZU8C4ZlkIPDHT4cwARJORdAKbTLEi9u-xviELP9Ipt_SyHzoDRngYYrejTCLHA2U5Ouz-N1Ttcxsry_tubvoTw-odV6bZzNWtrj7SZgWmk8mCb_QQQaKyujNthVDUXr_gU6cLHa2j2PijWz1 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 26ms
25ms XHR
text/html 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW7WjNwbH5NLQdzwoLjLISEvxOV0P5FspVJD-imZ8kCZU8C4ZlkIPDHT4cwARJORdAKbTLEi9u-xviELP9Ipt_SyHzoDRngYYrejTCLHA2U5Ouz-N1Ttcxsry_tubvoTw-odV6bZzNWtrj7SZgWmk8mCb_QQQaKyujNthVDUXr_gU6cLHa2j2PijWz1?dmid=78bac53933b77b61

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de.Uug7jBo1UwY.es5.O/d=1/rs=AJlcJMyvmZeLPTgm4xYEGys_YSkxbZeHGw/m=iabtcfv2signalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k82H7s54RNDZreid9DpVgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-k82H7s54RNDZreid9DpVgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:17 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k82H7s54RNDZreid9DpVgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-k82H7s54RNDZreid9DpVgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUILbPoAVzUOi4Z_z8n1ElqoAaFX1qaEmpEA_IzCUVccbpbHk5TwRJ2CNYeK-jnMmTpB6q8WA9X_YXLAONH8QK4GVYBKxSNcbVxdQooBKn3lykRb3g7BXRG7HCQcqey-q7GzOJ7RXnjFsO6DqmEeCjDc-xV7iSDMSrtfE1YKADZCcKoVmD03bTmHJk9 Show response
fundingchoicesmessages.google.com/f/ 62 KB
23 KB 57ms
57ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUILbPoAVzUOi4Z_z8n1ElqoAaFX1qaEmpEA_IzCUVccbpbHk5TwRJ2CNYeK-jnMmTpB6q8WA9X_YXLAONH8QK4GVYBKxSNcbVxdQooBKn3lykRb3g7BXRG7HCQcqey-q7GzOJ7RXnjFsO6DqmEeCjDc-xV7iSDMSrtfE1YKADZCcKoVmD03bTmHJk9?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MzA0ODE3LDE5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsbnVsbCwwXSwiaHR0cHM6Ly9rby5kbGwtZmlsZXMuY29tLyJd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

6296096cd82bda88d7fced71164e3339e5d6e6b01aeecf6e527bb722ce8b05fb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VURzqze2dbUvyFjFGExkVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VURzqze2dbUvyFjFGExkVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VURzqze2dbUvyFjFGExkVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VURzqze2dbUvyFjFGExkVQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 93ms
41ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-190292-2&cid=373602523.1635304817&jid=2011895519&_u=YGBAAEACAAAAAC~&z=466169932

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021102001.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
121 KB 678ms
27ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 122914
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 03:20:18 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 90 B
693 B 672ms
25ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ko.dll-files.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

1babee1f49027a158bcb6c77fd5785ff2b72796cc8a717bc32f5af3367cfd334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86
x-xss-protection: 0
expires: Wed, 27 Oct 2021 03:20:18 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1253242368&t=pageview&_s=1&dl=https%3A%2F%2Fko.dll-files.com%2F&ul=en-us&de=UTF-8&dt=%EB%88%84%EB%9D%BD%EB%90%9C%20DLL%20%ED%8C%8C%EC%9D%BC%EB%93%A4%EC%9D%84%20%EB%AC%B4%EB%A3%8C%EB%A1%9C%20%EB%8B%A4%EC%9A%B4%EB%A1%9C%EB%93%9C%EB%B0%9B%EC%9C%BC%EC%84%B8%EC%9A%94%20%7C%20DLL%E2%80%91files.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUADAAAAAC~&jid=930374702&gjid=765252803&cid=373602523.1635304817&tid=UA-190292-2&_gid=1552788102.1635304817&_r=1&gtm=2ouak0&did=i5iSjo&z=1605268829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 flirt4free. Show response
fundingchoicesmessages.google.com/f/AGSKWxVuQpae3cM7lJIb7MQYllXieODqRx4nd6gyKnsrDj8D_9GX7wY9_aS4hm9stt7fmIxTCy8huux3IRKr5wCS7mc-5aE1IIZ23WwnfNFOvCK_g4-55EOVQ2cXzqzu27EqRe95ImIy7BOhOZ5DvqamWfH7YIBh5... 54 B
107 B 21ms
21ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVuQpae3cM7lJIb7MQYllXieODqRx4nd6gyKnsrDj8D_9GX7wY9_aS4hm9stt7fmIxTCy8huux3IRKr5wCS7mc-5aE1IIZ23WwnfNFOvCK_g4-55EOVQ2cXzqzu27EqRe95ImIy7BOhOZ5DvqamWfH7YIBh5octTGADGKDfMjDGIXZqcHpk96KgJyPUQbzJMhLzPBKet8iNOcKM6Q0Rozf4Gpnx80dpmZcKkwWnNEaQE_c=/__ad_promo2./ads_1./syads./admeld./flirt4free.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.F0RC8LglObs.es5.O/d=1/rs=AJlcJMxHFH7uuo3ba9fOXMfKffcrGol86g/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

dc9b0e1cf29202cf1ac306fcce63e44cff0a125c17af53cff302cdb0e5554c34

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KywFrxixk87G768nFJSFpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KywFrxixk87G768nFJSFpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KywFrxixk87G768nFJSFpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KywFrxixk87G768nFJSFpg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 72 KB
27 KB 51ms
8ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.F0RC8LglObs.es5.O/d=1/rs=AJlcJMxHFH7uuo3ba9fOXMfKffcrGol86g/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a44e84c7e6bafc8fdfc20e2771452a36a92d930906eec2d2e24b4a3b7456228b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 02:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27622
x-xss-protection: 0
server: cafe
etag: 54968745010281105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 03:40:26 GMT

POST
H3 204 AGSKWxV6oFfOXttVzo-YAJT7K4ERJM7ndQqeOr1EJEOBWehHMCbJefDToj8MJ2JyAMGxzFrfcv_T3nt_big5ldGb3aSdkeJRabnWCGiDy_x9x12NnZllcaaNdtcwAeB5WkF0V9wXwfLPWutc9Mh79-whEzuSNPBRLrQQZ2xzyL5jrlXKpk-Ndd0UVS0l-0ss Show response
fundingchoicesmessages.google.com/el/ 0
26 B 24ms
23ms XHR
text/html 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV6oFfOXttVzo-YAJT7K4ERJM7ndQqeOr1EJEOBWehHMCbJefDToj8MJ2JyAMGxzFrfcv_T3nt_big5ldGb3aSdkeJRabnWCGiDy_x9x12NnZllcaaNdtcwAeB5WkF0V9wXwfLPWutc9Mh79-whEzuSNPBRLrQQZ2xzyL5jrlXKpk-Ndd0UVS0l-0ss

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.F0RC8LglObs.es5.O/d=1/rs=AJlcJMxHFH7uuo3ba9fOXMfKffcrGol86g/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wdtyctEgyvubk4gBAgYgkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wdtyctEgyvubk4gBAgYgkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-wdtyctEgyvubk4gBAgYgkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wdtyctEgyvubk4gBAgYgkw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 30ms
15ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-190292-2&cid=373602523.1635304817&jid=930374702&gjid=765252803&_gid=1552788102.1635304817&_u=aGDAAUADAAAAAC~&z=77161789

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 03:20:18 GMT
content-type: text/plain
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.F0RC8LglObs.es5.O/d=1/rs=AJlcJMxHFH7uuo3ba9fOXMfKffcrGol86g/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gukjHqS2fSoNfRYYPdrwsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gukjHqS2fSoNfRYYPdrwsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gukjHqS2fSoNfRYYPdrwsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gukjHqS2fSoNfRYYPdrwsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 98ms
49ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-190292-2&cid=373602523.1635304817&jid=930374702&_u=aGDAAUADAAAAAC~&z=1065038380

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.F0RC8LglObs.es5.O/d=1/rs=AJlcJMxHFH7uuo3ba9fOXMfKffcrGol86g/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9KC9WOpKVfOsVvfzZld6bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9KC9WOpKVfOsVvfzZld6bQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-9KC9WOpKVfOsVvfzZld6bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-9KC9WOpKVfOsVvfzZld6bQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWzP9RYthHgXQg7ZC8T-qkT5wa2Uny3-p1wgZH8TefBTxIxkMDaV5pna226J2Re9RrR7QYkyQHr5pA4ewJ0TWYWH4N9jdx1Ag8DQt6x-Xzv3A3pe-wAR8cWj8N6I6Bh7M8a4L7QWe-s9gn9zqsTSb1d8Obt5qKZjJgN-_XzFuaD2EhVnRRpNJX-IF-H Show response
fundingchoicesmessages.google.com/f/ 42 KB
15 KB 46ms
45ms Script
application/javascript 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWzP9RYthHgXQg7ZC8T-qkT5wa2Uny3-p1wgZH8TefBTxIxkMDaV5pna226J2Re9RrR7QYkyQHr5pA4ewJ0TWYWH4N9jdx1Ag8DQt6x-Xzv3A3pe-wAR8cWj8N6I6Bh7M8a4L7QWe-s9gn9zqsTSb1d8Obt5qKZjJgN-_XzFuaD2EhVnRRpNJX-IF-H?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1MzA0ODE4LDEwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLDBdLCJodHRwczovL2tvLmRsbC1maWxlcy5jb20vIl0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.F0RC8LglObs.es5.O/d=1/rs=AJlcJMxHFH7uuo3ba9fOXMfKffcrGol86g/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

52a543e521fc5dadacf0d3be4c3848a66bbb5944298a4c8b9249a2004c3fe4c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MrroaAbDarShXtf1nv/a3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MrroaAbDarShXtf1nv/a3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-MrroaAbDarShXtf1nv/a3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MrroaAbDarShXtf1nv/a3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.F0RC8LglObs.es5.O/d=1/rs=AJlcJMxHFH7uuo3ba9fOXMfKffcrGol86g/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Em1+RI59CvqLcqyzKgsqFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Em1+RI59CvqLcqyzKgsqFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Em1+RI59CvqLcqyzKgsqFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Em1+RI59CvqLcqyzKgsqFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 83ms
17ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ko.dll-files.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
28 KB 490ms
476ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3773981648003983&correlator=2950793793414634&output=ldjh&impl=fif&eid=31062525%2C44748552&vrg=2021102001&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1024326%2Cpg_interstitial_dll-files.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=m2_canonical%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_canonical_session%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635304818&dt=1635304818296&dlt=1635304815388&idt=2779&frm=20&biw=1600&bih=1200&oid=2&adks=1351765745&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fko.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=373602523.1635304817&ga_sid=1635304818&ga_hid=1253242368&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

32a3275fde2224a33c1bdbdbdb9252586211f44be92748d6c48408c1e3f9af00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28399
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0191 6 KB
4 KB 76ms
17ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:20:18 GMT
expires: Thu, 27 Oct 2022 03:20:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 pubads_impl_page_level_ads_2021102001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 32ms
22ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021102001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

749bbb89f00fb9c1167551edf62cc7272dcff58df4c9ff1410db8df7da5b49be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13511
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 03:20:18 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 290ms
289ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3773981648003983&correlator=23498382103273&output=ldjh&impl=fif&eid=31062525%2C44748552&vrg=2021102001&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1024326%2Cdll_bottom_banner&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C468x60%7C728x90%7C970x90%7C970x250%7C980x120&prev_scp=m2_pageview%3D5994-210610-425%25401%26m2_session%3D5994-210610-425%25401%26m2_canonical%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_canonical_session%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635304818&dt=1635304818451&dlt=1635304815388&idt=2779&frm=20&biw=1600&bih=1200&oid=2&adxs=650&adys=963&adks=125749252&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fko.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1553&msz=1600x72&ga_vid=373602523.1635304817&ga_sid=1635304818&ga_hid=1253242368&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f90bfabb6f3f89c4e5a2c9dcdf737af96a12aa4dba7adda30dfaa0a7493e4b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7525
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
30 KB 312ms
311ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3773981648003983&correlator=2050450940268327&output=ldjh&impl=fif&eid=31062525%2C44748552&vrg=2021102001&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1024326%2Cdll_top_banner&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C468x60%7C728x90%7C970x90%7C970x250%7C980x120&prev_scp=m2_canonical%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_canonical_session%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635304818&dt=1635304818464&dlt=1635304815388&idt=2779&frm=20&biw=1600&bih=1200&oid=2&adxs=256&adys=209&adks=4189499360&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fko.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1152x396&msz=1089x72&ga_vid=373602523.1635304817&ga_sid=1635304818&ga_hid=1253242368&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b183664c34910ad5ad572324ded9f80e3fd51f0647eca7d5fb358be4a4dfe086

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COHzupbR6fMCFUnxdwodF1IByg&gqi=&layout=/sadbundle/%24csp%253Der3%24/3140028837434899912/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COHzupbR6fMCFUnxdwodF1IByg&gqi=&layout=/sadbundle/%24csp%253Der3%24/3140028837434899912/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30900
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 27 Oct 2021 03:20:18 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 335ms
334ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3773981648003983&correlator=3312809735959669&output=ldjh&impl=fif&eid=31062525%2C44748552&vrg=2021102001&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=1024326%2Cdll_anchor_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C1x1&prev_scp=m2_canonical%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_canonical_session%3Daa43f2b161ab3d8a5e2b0b8d836642bd%26m2_config%3D5994-210610-425%25401%26m2_stack%3Denabled%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635304818&dt=1635304818474&dlt=1635304815388&idt=2779&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=2488649843&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fko.dll-files.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1553&msz=728x-1&ga_vid=373602523.1635304817&ga_sid=1635304818&ga_hid=1253242368&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f2bdadd1963eb8d4fc6f6827cb11b7d503e527813f5947b3a81397d50b753ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7509
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVH_93fSlAdd4LujHORWID6JXFX15DitC5xMQn0eLWfsY7VkWkh-qraxJ0v5nlY2FxCRLMMGNb-_Fe94DZN_PTaBmHTnhsXrDoEWfeTp6A8bC03XuVxUJmUkx8Xwu6GW2aBtCSejzSMpO6BiZQrKhhCZC82mfpmZO6_D23GmqO4wbiAPfHjnk3n2JF7 Show response
fundingchoicesmessages.google.com/el/ 0
26 B 31ms
31ms XHR
text/html 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVH_93fSlAdd4LujHORWID6JXFX15DitC5xMQn0eLWfsY7VkWkh-qraxJ0v5nlY2FxCRLMMGNb-_Fe94DZN_PTaBmHTnhsXrDoEWfeTp6A8bC03XuVxUJmUkx8Xwu6GW2aBtCSejzSMpO6BiZQrKhhCZC82mfpmZO6_D23GmqO4wbiAPfHjnk3n2JF7

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.AMCHkzpP0Us.es5.O/d=1/rs=AJlcJMzdO7cQfKx-_rGJt661s7rMC5rr5A/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7kPMvX+an6FL3VkF3BRxWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7kPMvX+an6FL3VkF3BRxWA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Oct 2021 03:20:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ko.dll-files.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-7kPMvX+an6FL3VkF3BRxWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7kPMvX+an6FL3VkF3BRxWA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame E981
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?app_id=153851522244&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df34883cd9935a48%26domain%3Dko.dll-...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbit...

0
0

131ms
131ms

Document
text/html

157.240.20.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34883cd9935a48%2526domain%253Dko.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fko.dll-files.com%25252Ff17e5daf4813994%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7202ad89c9a021f9e0b47664e1d3c8c1

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.20.35 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net facebook.com fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' facebook.com fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com fbcdn.net fbsbx.com cdninstagram.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com facebook.com fbcdn.net fbsbx.com cdninstagram.com .cdninstagram.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: facebook.com fbcdn.net fbsbx.com cdninstagram.com;frame-src .facebook.com .fbsbx.com data: facebook.com fbcdn.net .fbcdn.net fbsbx.com cdninstagram.com .cdninstagram.com;worker-src blob: .facebook.com data: facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34883cd9935a48%2526domain%253Dko.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fko.dll-files.com%25252Ff17e5daf4813994%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-resource-policy: rollout
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net facebook.com fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' facebook.com fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com fbcdn.net fbsbx.com cdninstagram.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com facebook.com fbcdn.net fbsbx.com cdninstagram.com *.cdninstagram.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: facebook.com fbcdn.net fbsbx.com cdninstagram.com;frame-src *.facebook.com *.fbsbx.com data: facebook.com fbcdn.net *.fbcdn.net fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src blob: *.facebook.com data: facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net facebook.com fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' facebook.com fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com fbcdn.net fbsbx.com cdninstagram.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com facebook.com fbcdn.net fbsbx.com cdninstagram.com *.cdninstagram.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: facebook.com fbcdn.net fbsbx.com cdninstagram.com;frame-src *.facebook.com *.fbsbx.com data: facebook.com fbcdn.net *.fbcdn.net fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src blob: *.facebook.com data: facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ZXr7+WlbB1Tqyk5S9dHgqO+g3e4jtMqgUmMbEN+QVzBVMiAa8lcgr0peHcCfiVv+EMdHV/GelAVNs77Tfcq2LA==
date: Wed, 27 Oct 2021 03:20:18 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D153851522244%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df34883cd9935a48%2526domain%253Dko.dll-files.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fko.dll-files.com%25252Ff17e5daf4813994%2526relation%253Dparent.parent%26container_width%3D342%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fdllfiles%252F%26locale%3Den_US%26sdk%3Djoey%26width%3D500px
x-fb-rlafr: 0
cross-origin-resource-policy: rollout
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com *;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *;worker-src blob: *.facebook.com data: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com *;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *;worker-src blob: *.facebook.com data: *;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: KKOPfVPpN5u5EOhBogKG2OgKhmXSlMMgzgzElGQLXHzMFhE50ErV4orU2vwZ0d5cALLYSg2d1VSceby1Zcow5Q==
content-length: 0
date: Wed, 27 Oct 2021 03:20:18 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3 200 container.html Show response
f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E18 6 KB
3 KB 47ms
17ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:20:18 GMT
expires: Thu, 27 Oct 2022 03:20:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 53ms
32ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

053ad0355d63858b14d65fed9e21717b99217131edb7027eeef36767ab9e53e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8514
x-xss-protection: 0

GET
H3 200 container.html Show response
f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 48BB 6 KB
3 KB 32ms
30ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:20:18 GMT
expires: Thu, 27 Oct 2022 03:20:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC3A 6 KB
3 KB 34ms
18ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:20:18 GMT
expires: Thu, 27 Oct 2022 03:20:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 52AF 6 KB
3 KB 32ms
31ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:20:18 GMT
expires: Thu, 27 Oct 2022 03:20:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 72ms
33ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4A66 645 B
569 B 106ms
23ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNVNRY8lXLmZrIsJ-K_w98I_CR8eHXvnvjes1PtBTcPAQIrcPG3Nv-G9iqNNKL0_bBGU1FfI0nEC0fZb3VHzKTIZ9MdFtT8aTmHds1ca40750QETIXo

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNVNRY8lXLmZrIsJ-K_w98I_CR8eHXvnvjes1PtBTcPAQIrcPG3Nv-G9iqNNKL0_bBGU1FfI0nEC0fZb3VHzKTIZ9MdFtT8aTmHds1ca40750QETIXo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 03:20:19 GMT
server: cafe
cache-control: private
content-length: 285
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUktZyuWtf7gLRwNMGdmEJLaLPKjauK8s6gZ5BTIQ62Rdy3SXvJR72O3lfBK; expires=Fri, 27-Oct-2023 03:20:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0E18 71 KB
29 KB 123ms
46ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BK1_5jtbdqZatR_SI6iIGFYkI5cO2pHqqNbIDQID7z-UOgEH81q4x-Jn56lZsm7Cwl9C_4MjNktpFR_clPPQKDFo_xD_2Y0lzQzeG-OC8aYjyG7yLfpRGfCvAgzY6Qt-sbs-tO7lpKQJOTMluOrAi1Lm50RA&dbm_d=AKAmf-DX-zplctMuP4F3prcBEawsRvo9GV6O4NIyrOUM-M-Ymgkfu8PPNarKI_mw6PwucK0YJPdUqvtBjfiWN-Zn_pP90-LDj06jMXVuv6VlaSoeXuhQCIMxTfLAxEaIVgI0J8THom4TZWBAtSUbFwNPilv8xRtwCraKV0JqHI-QKWyLWf1Nd5np5Axwva0gGeRk3Bs3U1D7qSoaP-YReGk4Ziytm-J1EInH2oC9X3SaUGz3hZKkeueE3fMF87pPGWsdPtgzKTtqMB72_hBbpk3EuYsJKh9nH_k_F1y0zVY4MogS_JgQGzs78uvwJLD2nvV24KhRBjrT0AcNTPWsi7Z0AZa1ugWGQ2cyj8gxjULfRu6RnlKWfj4Duc_uTfLoZ8JC94jUjfMI994BVViS3pK0h6D8wvoPdjYLhBEZ3-m0VhKX4Ar2QSqQXVuT_z6v6Ke87mtA3QObXb06g87J6gnRlffQOUlm06y4xxw1dYp4l2mYILt6vC90GksrIm4UENMQElVO316JtWXPvyfX3uv_UkHRK3MrQVP7vcHI00QbcBsrVupn5eFlbMlrpAmlvrqFzQhGjo9GSHxTQRLPDGNd-AIEXSv-nqbJ6wrc64xsVsUddBI79kSWZkggEzR04RhhpZfV-3xrnWyOvWSjflGnpWjnzyT-AFHVfLftcHaWw9B6xUkv8wEDs2Oq5X7V0Lod5r43k2cG0XLk8uUwom0wz4FRbV1YhSYljsIoFbWBpcBNZCKLqyfx2Na7vxeTyzbAT97qmXlmFS9OjZBdp_kx_3gBjQABuOnNkRs1Ps_PYjCaTDyTkagpRocft2cKGhJCNVVOObcOFWanWG7wGScbslnJvIuZ6ArjFFyQp2qjVQdBaIux7kN5m3UYbbaZBDLltJbXdfzylfep0LDzHJKaVCmimrl8PJnd7snzE4R4mVkF_yMupImfbv6UKjLp86E5kbq3unFTE0XjzROURQZdEMiQxwCC2ncYO5mNKRAWvg4MatZ5QcAlhHdgRTxqyOruyiM5sSj7XL1S6oskgasEpzPOlKwdPBt8ggE3b2_8t9ShMasZ6Vojqa9gMVfKklCWCc2OnxiuvTmVEnhtS1toSh8cz8sNaKInmGSJOPtl603lJ8MzZQcuWq8q0QlfsRPZ7PvSy0OYgYZVRt-f4LvtHtbJXrcGtng1wLdNXVPiMQytFxIzAG5FjMHiz2fFBvXlI1xipEQMJd4IYzB43RlwPhMOdVMUhcUhBi36uXWbLKofsKsRFkqk-8W-98Qd7uWJ2tj3JjGsHY8hCvJ_w9W01-sInHY-Z-JunihPMYFojF7zJLZLoC8x17omJOfX_QH1Xn3Qrpy-tZ8Y_1XmDeTBVo8OP7BuTEFVfQSkx7sEBNKesqCVKp3FNgsQkJSXZC_y4nIVIPpWuGe0wc1bB874r1YDWprQwdZbltzqihyfgqmki8R8G_DPKv6Bn2Vw77WObnjHczEBEGXUKD7nU4aJAtkNwnHwHX_6zNm4sanoH5YXu8kQc2LZ3vjCItrP3eBEvPONlbVvSVLNY40EDzDZmmiHT64dwanvqiTzBmb7Bx1XpXsIs76Dq7PU-_4D1hIHhcJIiOIuscvJBJyFIy9DpGFJjUpoUUJ57UnvFRsDJ9l2vspYdDZ2FSVkBvCUAL7wB6DQkIUHRWYvwKubFMysdWi1Lmoj-e7AqAP__8nzhlz_9l55Fh4b4ULedPskaq0fB6WtEKwiJe-xCpFA0LgsCpOX0u2ATC8RB99CawXy2xZL_EawBL6sTwHnHe87AvvBYCaE62v9vy6RxNthUYyB5hAxUlh7DB1tjMSREZ1vgX5NwWOY7ejEQrqRAyShn2aO9MCU_MkK-EMwvZhmMLOnZraFOioO3NHc97sdLYbX8yYRsE0hEa5hn_amyUzYGdaoDy_GWixZAPllSCX7pYkby7JMhsF4TEDw1pVoMbrfB3JyVKUyQdkv0-cQZZqOf_V6hv1Qtll-ZdN26d4QXZOWUBOEknCIz8LcXBqoGYDLXKaP6FlFERxeIl6V_QkqwhMJTWvkVhw0eMedRoXWLYJAErfjMYPGLTKIY1pQAEj_9I_3dvyUpDSWfXORQWMOsHom0xLbW0JQVuFBSQrYmygy-KizFpPoo_SWIm5xnlWOYCk1jDn6Ie1MNrn8i7DucbJcdt2AekC7csAAEotKHaHbAJPZgxu_n9_ZtUTBWHvtCnmo9NxRQVZb5FsZi9qB7BCujRHMPHiRyrePx4kpXsRfKwVnQY7iWkBoFsv6_u41KlX8E76Ez0T8_NWFEeY5QL9cJCtZY39lD8fdE36A3vLBlML8sx89tROPjbKhn_MgvJ1JYkPyQtyv2Zdx-Ps2HlAlpGDNUGYhAPCYPwNUJ5dFYBdcHUDlampywoezQ0k85EIS-X9fo2P1UOc0DumUayg3HaCcnCus8ArGltBbBoEPmaywQxXmydwprY0GoazVqnCo1OYpjR_OMIsL0O6Ij8h2wQ7_NFu_9PI2WT8GwyGYsrcJnTlZ0Lv13Ud0H3IuCj2Z7Fk4Txowr3XlIe42dmJGFebCRVwZX3BKVLJHilZL1rH4nN8lLGfz_01UFdTy8TTYjKd_Vkhzt3zyWVZpTMfvbzYQlThMHx6dfWWGRVRxzCx8kKxKjxdBxZ4IX4Hu9tVsUslPVYeZfc9_nKEqBUODz5VrhZfBIzEh5J8qFCDfpvgZcsWmFY_ktBrgHpU1PS-XksBH6KXi8IG3aoer-GbAhy06izxNeCQUPZChHz0-t8YWx1kGULXQ7T1gg0NQ-V6n4fBZm1r_t1_6-tCx4gI94XqIBQsTZ9vMgjbADcIkc5Nx9E2JPM35PMgFFvAGvQxCqvEL0Fo3CqaKq9nEG4hRK-X03ZCL1-G56k7fybCcEzX9sktYL1k04BV_ceoyuVicWGUmF9ryBaRGRUjzIl-kozhjn5QChgFr6pKcYUFGuZ6j2Y53TG2NYoR0V_N12ebJZY9LRNV-bl8bUA4Zc6cbDpYJb-diu3IzWab3nZyWi_mGIL_jgepFt3Lp69uGF6SHGbdwzINNZk1NVuCpL0ZeTB27_3nYGBNlZPPL2FgV_ew_ySp2DXCtYQQiGUYMT6FYzIwYX22Pb6lhL0bXXTuyTCO2xQjbsTGs5EG4onDd181IS11p8vYyEErSxMIQfW9Hd8dTyYMtbtIDBQ49O5OtgX9-5NpveptMofP5tL6--9mFEZ-jbZK8cd-oXgBFT3Bno2Hz32ip3yyodp7FlDr9oAATL-dm&cid=CAASFeRoR2Radxx3qmtN478Vjpv4N7YKCA&rfl=1%2Chttps%253A%252F%252Fko.dll-files.com%252F%240

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2875c1c323c183443388055f7dd369f70bf34ca42e2f3388530738c8d45d7d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28982
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E18 42 B
63 B 98ms
37ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhNBg8vyUqlKbTJoEOWXcwv7z4Qpyxb6b6TlEjn32-jAveNByoOwmdOLverb_Eho-05yLzHKIj3BBfJv4o-XJOIAiIPhUlzxmy9kALxRZEfR7ioQE

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0E18 3 KB
1 KB 67ms
14ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:17:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E18 120 KB
37 KB 61ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0E18 14 KB
6 KB 68ms
14ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:12:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0E18 0
0 54ms
27ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQfVFwzpLjbjozUHcYmo8hhpXNWkh_YB1_frYFreNqTYCVaJYl3vfsVYooUkAo474mwpuUmf9NuvSu1alWDumx-OayZA
Requested by: Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1C9A 645 B
984 B 78ms
23ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNWaTcPuCgOMFOi6tb0muY1CUAQ20CV8Nmxi-MfL_C4n7mrWj_kq2fgHNt8bviDx2qWubxH7UtV8zmHr5vPv5bR02ENJlq0fT9wQKejj3_CnZGo4sSE

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNWaTcPuCgOMFOi6tb0muY1CUAQ20CV8Nmxi-MfL_C4n7mrWj_kq2fgHNt8bviDx2qWubxH7UtV8zmHr5vPv5bR02ENJlq0fT9wQKejj3_CnZGo4sSE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 03:20:19 GMT
server: cafe
cache-control: private
content-length: 285
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmcZhTcY9D39IswCEgagsCqTagn9KGJTSmhNFxdtUi4hcz6DVllW5x3FTIH; expires=Fri, 27-Oct-2023 03:20:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 48BB 70 KB
28 KB 136ms
77ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPALPn5TphzCUbAVlSMa4r1h-jAuiq4HOAADup5JxMmRAC4U-kj9LHP_pj31XeIU6IxO13AjHPB6L-8u9Gnjr3dUhqGl1W_xJDJntbFFYIMu0RqH39lZ_Kwha6bq_VhEVY2uqf1vPOtdlNJzhHUG8T6REUkg&dbm_d=AKAmf-D4HoYLRYpfILacCnsccQ8M6QofvOly8BdtsOGVbKADHndjJQwdXPNYM179LaNejiWbr2eNKB5OT4NJCCEHgNhAmnQaVU09jrq0SyeXdWJ3UVSeFlJPZzPZuG5jo2eurTmf1eK4Oj57XwyWwIy4MThTcYZHznb0osl_-CePmMmWAKgdAvDa9xgqF-cel4EQHZL3Krm4olUHaEI7b9_2vjU94jlt2M_UXOh5fg6ZvlV1aDeRnJnL9-GZMh5GmAWCu9rqdLVLZ9deZEZuykQ5YT0a2RGbSnriq9iTseew6ELjDMNkGGgQOaURYeKXKHVR_Lb6NC-QYNpzcOxllzm-W18nAcY7AkgnD3yrQnyb7JmW7Z101yt3wbjh_190hx0P0NjcHHX6FogrZid0pI42pVGJjOTDe3GWCr_WwQ1f6Ee7vsC2SpzYezEBuufbefb5dbOorOa1ULvgX4aU2CObVCH_goDICuCrCyLw5LhSTOxG-hYLHiu_GWmEc3w78b-6gQ6IWDmVLKg-qA0p8OPaHOLy0ifPQeRrONZ5fGN76CJ40ynvGHjWN4mM9LChAKhQrgN7NTHEGNqy17IDKmgYedsbkHftOjMuPbxqV5uIPTcf22CIBBy5fWtCiUsa3PBE2GKVKALlzxxVUv2_QEMO1e9Tbik5S11MVyU6Dd6dNNgc_gMskZxZRwUJZZMxHpR-VNvsWjcI9tK7YuNELZcfwyOUBziPHpr1pRR80EuD7o3JOH2XZI4vDOx62zfhm7P-fJQpvu-JocAyswAkEQ7ssbP1YHiiHDRtCvEANY57gFANmJsvATauhjpz99lCwnoVf-7LczJwkBP8n5Kpp9Hqf4Wv6dLF1YoJgKoOTnT9VIiNmtdTHyAcmglmnpC8HqXDXRz9yd8lnx4ZyD_ZB6m7IQKLG86orqXCaM0qvbHxXVYOG1wqsDMOkf2D__7KBhvR5PDvGNORzA9QUbb9K0qQSxII2XjyaAskp8SjBVZf4U6XiQwQP6MeVbPc80jbO0MNDUDGn6HEszuEdUJODZPxgvC8_M8Ph55Xbqd8rYkPdJZ78uasMip2HtP1wB0wvly5mrURiVSruTJjhTs6rhnG2XMHNN19MkUjvRToaY0jZRyvt4y-vOhpmw6I0qMwneHb2gb8Aqx-XjUugNr4HYFh7P7rR0GEce8dJyihOybbP0ddeB1USw9VXft_fxcfngh295k1aARe3wxxHq4sW5IbDEj5wsHq_0NZ1NtqJk973fylvngzYiUu59ld3JB8FWZPB0TcG_VUDmuFg38joH_jTF4JhaWjURVwdsfLR-POiuaTy4EGZk7ItJb0bqmyXeikuvGzWyco5fZxMtRE2kFs5WUo5jQ9-SdcmSkAXi5vJrO60X8ELY0P5JCfwMG678NQB0UGG-789Ea5IvWS87dvuBbJvzD9gL-lm-3cmp9LIr6yQ6CH-htHIIE2Vzm9J-nBzQRh6N4XE9XUd2fUP5fxMM-939jws7DBZFZZEWU0S-gKDOCmDfxZ9IkUWycTu4V7bOyLMA71ba1mmunRlS3DKCGGVWkOdiGkXULWxR4Frap3LPN7GnF7tVyqd5eJpJm2pjP4DWfMTsVuolKd9-2_hagcKgLklo9eRnBaPpH7Ad3-W-HQ_YSG6SFWK5BdooNduZrzl8KJvafviH_0x_GI77BFTV4-C7M74crIZE6xURSSAJJN05NzO2dlu-o5G6jW74niHezO8KxRfxbwNbCeS1uA-RzPXGGUMF6EFgVmUnZeUozZAyhVgHDKf-I7_0X514wAgUtKXhqCbR5FNLbwM_v4wcV0cgxGXLr-vQQNHkfOJS9gMA_MolNwUetd5cyr82zBI9SXGo_SHYBCZfCb4cEUD3bPTXU8qoOpSCNJTjp32mqHtRoBi2woD1w3huD9ym6fdMI21Bc0Uu0dAjkXuPPQwE25KRWbP9yv2cv7mgCYAwnOqlO-QcUdQMly_gEtXFfITY1UZ35YP61mK8s8Xk7FdTPZ_GoPO1Dd7i-dIkV0SC9XQ71N3SpKuYbYcKGyfgZYrDgit2iQw_ZDe7OxsteohoYb7C2UQjDGlI49bUBeMPcCWu8wUx4S4HpgGvcwY5IY0c2LfB0EtUql2tjdQKzkDYwbOLmSLk3kwt3WMOxKJlVqshBqGvz0pdfbsi_Yoh4LQVMGYG9Zjdnkk4AO54D0w63xXjGT57GrhuBmtOAL8RAntoBEswMWkFp7TUW-efH95cB3HJskGuMkO2x709z9XEarE2-YTcZ4Yvl9ge_QfYgYJtmLSIScVVRMSljA9f9DzFY90gZHuPpU6yDekUyzP2sGeRvSKuOUpdivnpvuL4cDRZxmD1QuFbBtBr30VPkuKMkFR1wY7iigTTWDFvgvYL8NyQX_9xkWe1njUyamzSByGWflXvy359xL0UHXOB_lfJjy3ACqjUxgYqosOPkZs2Z_am3YNOH6QLK_54PlTIoYo3K7SNgyd4YkZ0d88R4QYftxzpuacHXYtZOFWWaRC0Yf1WjIXzL_I4Kd2LqYqSEcOTLvnqpQXhfO4bA7CiJky52hriBfnEcglL8A37cIzGwL3_yJA8mxQqiowuFSptkDftUTiVgsXrYoMWhTB9cp7u_dWDYIqJuWSnRMLNLql7FaPuViRHKj8gnrSOj107hxGORLbPLLhro3iG7bdFFeYUgC1kRWOOa1mxyc2KGLKfjcNYLUr5OeWlWb4fwmOH5MUVhQGTm0E5C-T2NW9ghqT0VKJYBUutzQ5rNOJ-9Re0BkFlJw1PBSQX9z1OfaftTN3Q6hQ74Nj8I7FCBGFvf1JoZLhK5oJWi2rNihtCmwWdLdZWPJWW033TCYQ6UTclbTOnqMq7pkL8ydC9pU6MHqleyVu1En9vPmGFTbDdXbpo4kF2qFvOvqrU5WN5bxpV12wBdwzx6JRoNXweHI8hrzwuTzEGYOnqLv-k-dV8Qa2DVKH6N4ZFaTswTtUbILfkIBJxCVDoKm0xj5oQgBaCPBVE2mLDNwU7W01EzDSorC7pGoQdeJnnEOhvc0AMF9QvN47p079ecMDV9trnBZ3OJEVvAZNMBiMth08_Fze615dT7B9x2k0w81oMdwYVNaACkpfd_KhhzKlq9ub62d42-hma_e3alPYDxCBQf8CD1iTAUh65IT8NNGjOuaYhn7IAa6AOkMKbftdZSazZuyl2EdK9L25FxSMzH7QgQm-ACEfz7_ckYJa9uFZgtD6xPx5_wptgYB-TLNZ6da6BwHK7iXv3we&cid=CAASFeRotVg7tQmJQdu5iEJPiWq2suQqrg&rfl=1%2Chttps%253A%252F%252Fko.dll-files.com%252F%240

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

bcadbd20bbc17ddc1f681c4e013b5f956b5f195e7a7915e6d74f92c842a5ac54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28868
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 48BB 42 B
63 B 69ms
37ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhtOOI_NuI59EEMLBwQ72PpbieFUzRY6RjrqInkVIiKR95VKy6ufQoZwxD5bzH_wv-_G1jFFIXuCKWw5kPT81q-hZOO5ULR1u2hgEmDjRZcahju1w

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 48BB 3 KB
1 KB 39ms
14ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:17:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48BB 120 KB
37 KB 40ms
34ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 48BB 14 KB
6 KB 39ms
14ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:12:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 48BB 0
0 30ms
28ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6iUyZGQ9WVtkWlKL1D6RlBDk93YytFbWE5tVVtlsB_-9tg2aK0Ov43WfW2qKqgNfRr3Mu5palrU1iNn8YbruiILU-3g
Requested by: Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/ Frame 5BC0 71 KB
19 KB 22ms
13ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

712fcfc2b1e8ce61c980676d7775d39a5a778694d717e1d3576f6b41dd133e3a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3140028837434899912/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Sun, 24 Oct 2021 15:48:53 GMT
expires: Mon, 24 Oct 2022 15:48:53 GMT
last-modified: Fri, 10 Sep 2021 01:46:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 19088
age: 214286
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC3A 0
0 45ms
34ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWRg3csV4YeHyH8ni3wOXpIXQDNSMuMZl18Dp3sIOv-EeEAEgueiOTmDJBqABgaGLmwPIAQngAgCoAwHIAwiqBOgBT9DJyXmhcu-zOtbit8537wrkDRWXSz9YEZdYQ0DLxeBexfORFMEBdjCg3yh7yeVCPNMHymQg3eLiLjlw36MvlwLjjdr6U-a99DeNCkmP-xHQ05tf4hxelsUJqq2I7d9z_JEp9Km76iR2xg3HPB0VXuVEyYf4TlF5VdrYJk_0pOFWpEkAVstNbv3XJs14oWupZILmtpaOQ9Fd3fonOahlH-UcrM4fu6p1HxkWAGMWZWRUdMDR_EC62Jdntp9Z5pLvgH8YqIVedcQWZYmATZ9NO8k-e3HjHPTqAla2j9khkADz7Eit1zMtgsAE7b6tq9UD4AQBkgUECAQYAZIFBAgFGASgBi6AB-fe9GSoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6aUJ0ggHCIhhEAEYHfIIG2FkeC1zdWJzeW4tMTk2OTczODkwNjE1OTUwM4AKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi01Mjc4OTczODg4Nzg2MzM0GJb9Bg&sigh=MH73PX5xcLY&uach_m=[UACH]&template_id=419
Requested by: Host: ko.dll-files.com
URL: https://ko.dll-files.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame AC3A 18 KB
8 KB 23ms
17ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 01:23:11 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AC3A 3 KB
1 KB 21ms
18ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:17:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AC3A 14 KB
6 KB 20ms
17ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:12:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AC3A 0
0 31ms
28ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-9g_wo7WvDf0rx-KxY41VPFdLzXtnAu7kUQP82zQCdy0OsUzBKcrR1NA4yE_9v3uk0KebVEhsPW2lt-uePZ0zTt5DCw
Requested by: Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC3A 120 KB
37 KB 32ms
29ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 52AF 4 KB
1 KB 64ms
14ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 03:06:29 GMT
server: ESF
date: Wed, 27 Oct 2021 03:20:19 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame BDAE 2 KB
912 B 11ms
10ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 02:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 02:00:32 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame BDAE 18 KB
8 KB 14ms
10ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 01:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 01:23:11 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame BDAE 3 KB
1 KB 16ms
9ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:17:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDAE 120 KB
37 KB 27ms
20ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 03:20:19 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame BDAE 14 KB
6 KB 25ms
17ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:12:46 GMT

GET
H2 200 9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response
www.gstatic.com/mysidia/ Frame BDAE 27 KB
12 KB 82ms
22ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 12:30:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 12:30:39 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 52AF 18 KB
8 KB 22ms
16ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18732
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7873
x-xss-protection: 0
server: cafe
etag: 16040667361225943213
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Nov 2021 22:08:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 52AF 205 B
492 B 79ms
25ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 10:22:03 GMT
x-content-type-options: nosniff
age: 61096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 10:22:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 52AF 604 B
695 B 79ms
25ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 13:01:21 GMT
x-content-type-options: nosniff
age: 51538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Oct 2022 13:01:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 458B 12 KB
5 KB 25ms
24ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 26 Oct 2021 20:01:15 GMT
expires: Wed, 26 Oct 2022 20:01:15 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 26344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 05C6 783 B
535 B 62ms
59ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

42402368fae33a2a243eb91c7b00bde283ee2ef0643d5c49463de4fb5fda00a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IRx6uYoF7SR5rCD+VPwMug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 27 Oct 2021 03:20:19 GMT
date: Wed, 27 Oct 2021 03:20:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-IRx6uYoF7SR5rCD+VPwMug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 0E18 106 KB
38 KB 69ms
27ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
Origin: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 14:35:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 0E18 8 KB
3 KB 22ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BK1_5jtbdqZatR_SI6iIGFYkI5cO2pHqqNbIDQID7z-UOgEH81q4x-Jn56lZsm7Cwl9C_4MjNktpFR_clPPQKDFo_xD_2Y0lzQzeG-OC8aYjyG7yLfpRGfCvAgzY6Qt-sbs-tO7lpKQJOTMluOrAi1Lm50RA&dbm_d=AKAmf-DX-zplctMuP4F3prcBEawsRvo9GV6O4NIyrOUM-M-Ymgkfu8PPNarKI_mw6PwucK0YJPdUqvtBjfiWN-Zn_pP90-LDj06jMXVuv6VlaSoeXuhQCIMxTfLAxEaIVgI0J8THom4TZWBAtSUbFwNPilv8xRtwCraKV0JqHI-QKWyLWf1Nd5np5Axwva0gGeRk3Bs3U1D7qSoaP-YReGk4Ziytm-J1EInH2oC9X3SaUGz3hZKkeueE3fMF87pPGWsdPtgzKTtqMB72_hBbpk3EuYsJKh9nH_k_F1y0zVY4MogS_JgQGzs78uvwJLD2nvV24KhRBjrT0AcNTPWsi7Z0AZa1ugWGQ2cyj8gxjULfRu6RnlKWfj4Duc_uTfLoZ8JC94jUjfMI994BVViS3pK0h6D8wvoPdjYLhBEZ3-m0VhKX4Ar2QSqQXVuT_z6v6Ke87mtA3QObXb06g87J6gnRlffQOUlm06y4xxw1dYp4l2mYILt6vC90GksrIm4UENMQElVO316JtWXPvyfX3uv_UkHRK3MrQVP7vcHI00QbcBsrVupn5eFlbMlrpAmlvrqFzQhGjo9GSHxTQRLPDGNd-AIEXSv-nqbJ6wrc64xsVsUddBI79kSWZkggEzR04RhhpZfV-3xrnWyOvWSjflGnpWjnzyT-AFHVfLftcHaWw9B6xUkv8wEDs2Oq5X7V0Lod5r43k2cG0XLk8uUwom0wz4FRbV1YhSYljsIoFbWBpcBNZCKLqyfx2Na7vxeTyzbAT97qmXlmFS9OjZBdp_kx_3gBjQABuOnNkRs1Ps_PYjCaTDyTkagpRocft2cKGhJCNVVOObcOFWanWG7wGScbslnJvIuZ6ArjFFyQp2qjVQdBaIux7kN5m3UYbbaZBDLltJbXdfzylfep0LDzHJKaVCmimrl8PJnd7snzE4R4mVkF_yMupImfbv6UKjLp86E5kbq3unFTE0XjzROURQZdEMiQxwCC2ncYO5mNKRAWvg4MatZ5QcAlhHdgRTxqyOruyiM5sSj7XL1S6oskgasEpzPOlKwdPBt8ggE3b2_8t9ShMasZ6Vojqa9gMVfKklCWCc2OnxiuvTmVEnhtS1toSh8cz8sNaKInmGSJOPtl603lJ8MzZQcuWq8q0QlfsRPZ7PvSy0OYgYZVRt-f4LvtHtbJXrcGtng1wLdNXVPiMQytFxIzAG5FjMHiz2fFBvXlI1xipEQMJd4IYzB43RlwPhMOdVMUhcUhBi36uXWbLKofsKsRFkqk-8W-98Qd7uWJ2tj3JjGsHY8hCvJ_w9W01-sInHY-Z-JunihPMYFojF7zJLZLoC8x17omJOfX_QH1Xn3Qrpy-tZ8Y_1XmDeTBVo8OP7BuTEFVfQSkx7sEBNKesqCVKp3FNgsQkJSXZC_y4nIVIPpWuGe0wc1bB874r1YDWprQwdZbltzqihyfgqmki8R8G_DPKv6Bn2Vw77WObnjHczEBEGXUKD7nU4aJAtkNwnHwHX_6zNm4sanoH5YXu8kQc2LZ3vjCItrP3eBEvPONlbVvSVLNY40EDzDZmmiHT64dwanvqiTzBmb7Bx1XpXsIs76Dq7PU-_4D1hIHhcJIiOIuscvJBJyFIy9DpGFJjUpoUUJ57UnvFRsDJ9l2vspYdDZ2FSVkBvCUAL7wB6DQkIUHRWYvwKubFMysdWi1Lmoj-e7AqAP__8nzhlz_9l55Fh4b4ULedPskaq0fB6WtEKwiJe-xCpFA0LgsCpOX0u2ATC8RB99CawXy2xZL_EawBL6sTwHnHe87AvvBYCaE62v9vy6RxNthUYyB5hAxUlh7DB1tjMSREZ1vgX5NwWOY7ejEQrqRAyShn2aO9MCU_MkK-EMwvZhmMLOnZraFOioO3NHc97sdLYbX8yYRsE0hEa5hn_amyUzYGdaoDy_GWixZAPllSCX7pYkby7JMhsF4TEDw1pVoMbrfB3JyVKUyQdkv0-cQZZqOf_V6hv1Qtll-ZdN26d4QXZOWUBOEknCIz8LcXBqoGYDLXKaP6FlFERxeIl6V_QkqwhMJTWvkVhw0eMedRoXWLYJAErfjMYPGLTKIY1pQAEj_9I_3dvyUpDSWfXORQWMOsHom0xLbW0JQVuFBSQrYmygy-KizFpPoo_SWIm5xnlWOYCk1jDn6Ie1MNrn8i7DucbJcdt2AekC7csAAEotKHaHbAJPZgxu_n9_ZtUTBWHvtCnmo9NxRQVZb5FsZi9qB7BCujRHMPHiRyrePx4kpXsRfKwVnQY7iWkBoFsv6_u41KlX8E76Ez0T8_NWFEeY5QL9cJCtZY39lD8fdE36A3vLBlML8sx89tROPjbKhn_MgvJ1JYkPyQtyv2Zdx-Ps2HlAlpGDNUGYhAPCYPwNUJ5dFYBdcHUDlampywoezQ0k85EIS-X9fo2P1UOc0DumUayg3HaCcnCus8ArGltBbBoEPmaywQxXmydwprY0GoazVqnCo1OYpjR_OMIsL0O6Ij8h2wQ7_NFu_9PI2WT8GwyGYsrcJnTlZ0Lv13Ud0H3IuCj2Z7Fk4Txowr3XlIe42dmJGFebCRVwZX3BKVLJHilZL1rH4nN8lLGfz_01UFdTy8TTYjKd_Vkhzt3zyWVZpTMfvbzYQlThMHx6dfWWGRVRxzCx8kKxKjxdBxZ4IX4Hu9tVsUslPVYeZfc9_nKEqBUODz5VrhZfBIzEh5J8qFCDfpvgZcsWmFY_ktBrgHpU1PS-XksBH6KXi8IG3aoer-GbAhy06izxNeCQUPZChHz0-t8YWx1kGULXQ7T1gg0NQ-V6n4fBZm1r_t1_6-tCx4gI94XqIBQsTZ9vMgjbADcIkc5Nx9E2JPM35PMgFFvAGvQxCqvEL0Fo3CqaKq9nEG4hRK-X03ZCL1-G56k7fybCcEzX9sktYL1k04BV_ceoyuVicWGUmF9ryBaRGRUjzIl-kozhjn5QChgFr6pKcYUFGuZ6j2Y53TG2NYoR0V_N12ebJZY9LRNV-bl8bUA4Zc6cbDpYJb-diu3IzWab3nZyWi_mGIL_jgepFt3Lp69uGF6SHGbdwzINNZk1NVuCpL0ZeTB27_3nYGBNlZPPL2FgV_ew_ySp2DXCtYQQiGUYMT6FYzIwYX22Pb6lhL0bXXTuyTCO2xQjbsTGs5EG4onDd181IS11p8vYyEErSxMIQfW9Hd8dTyYMtbtIDBQ49O5OtgX9-5NpveptMofP5tL6--9mFEZ-jbZK8cd-oXgBFT3Bno2Hz32ip3yyodp7FlDr9oAATL-dm&cid=CAASFeRoR2Radxx3qmtN478Vjpv4N7YKCA&rfl=1%2Chttps%253A%252F%252Fko.dll-files.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:15:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 0E18 23 KB
9 KB 20ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:14:51 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 48BB 106 KB
37 KB 43ms
33ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
Origin: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 14:35:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 48BB 8 KB
3 KB 41ms
41ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPALPn5TphzCUbAVlSMa4r1h-jAuiq4HOAADup5JxMmRAC4U-kj9LHP_pj31XeIU6IxO13AjHPB6L-8u9Gnjr3dUhqGl1W_xJDJntbFFYIMu0RqH39lZ_Kwha6bq_VhEVY2uqf1vPOtdlNJzhHUG8T6REUkg&dbm_d=AKAmf-D4HoYLRYpfILacCnsccQ8M6QofvOly8BdtsOGVbKADHndjJQwdXPNYM179LaNejiWbr2eNKB5OT4NJCCEHgNhAmnQaVU09jrq0SyeXdWJ3UVSeFlJPZzPZuG5jo2eurTmf1eK4Oj57XwyWwIy4MThTcYZHznb0osl_-CePmMmWAKgdAvDa9xgqF-cel4EQHZL3Krm4olUHaEI7b9_2vjU94jlt2M_UXOh5fg6ZvlV1aDeRnJnL9-GZMh5GmAWCu9rqdLVLZ9deZEZuykQ5YT0a2RGbSnriq9iTseew6ELjDMNkGGgQOaURYeKXKHVR_Lb6NC-QYNpzcOxllzm-W18nAcY7AkgnD3yrQnyb7JmW7Z101yt3wbjh_190hx0P0NjcHHX6FogrZid0pI42pVGJjOTDe3GWCr_WwQ1f6Ee7vsC2SpzYezEBuufbefb5dbOorOa1ULvgX4aU2CObVCH_goDICuCrCyLw5LhSTOxG-hYLHiu_GWmEc3w78b-6gQ6IWDmVLKg-qA0p8OPaHOLy0ifPQeRrONZ5fGN76CJ40ynvGHjWN4mM9LChAKhQrgN7NTHEGNqy17IDKmgYedsbkHftOjMuPbxqV5uIPTcf22CIBBy5fWtCiUsa3PBE2GKVKALlzxxVUv2_QEMO1e9Tbik5S11MVyU6Dd6dNNgc_gMskZxZRwUJZZMxHpR-VNvsWjcI9tK7YuNELZcfwyOUBziPHpr1pRR80EuD7o3JOH2XZI4vDOx62zfhm7P-fJQpvu-JocAyswAkEQ7ssbP1YHiiHDRtCvEANY57gFANmJsvATauhjpz99lCwnoVf-7LczJwkBP8n5Kpp9Hqf4Wv6dLF1YoJgKoOTnT9VIiNmtdTHyAcmglmnpC8HqXDXRz9yd8lnx4ZyD_ZB6m7IQKLG86orqXCaM0qvbHxXVYOG1wqsDMOkf2D__7KBhvR5PDvGNORzA9QUbb9K0qQSxII2XjyaAskp8SjBVZf4U6XiQwQP6MeVbPc80jbO0MNDUDGn6HEszuEdUJODZPxgvC8_M8Ph55Xbqd8rYkPdJZ78uasMip2HtP1wB0wvly5mrURiVSruTJjhTs6rhnG2XMHNN19MkUjvRToaY0jZRyvt4y-vOhpmw6I0qMwneHb2gb8Aqx-XjUugNr4HYFh7P7rR0GEce8dJyihOybbP0ddeB1USw9VXft_fxcfngh295k1aARe3wxxHq4sW5IbDEj5wsHq_0NZ1NtqJk973fylvngzYiUu59ld3JB8FWZPB0TcG_VUDmuFg38joH_jTF4JhaWjURVwdsfLR-POiuaTy4EGZk7ItJb0bqmyXeikuvGzWyco5fZxMtRE2kFs5WUo5jQ9-SdcmSkAXi5vJrO60X8ELY0P5JCfwMG678NQB0UGG-789Ea5IvWS87dvuBbJvzD9gL-lm-3cmp9LIr6yQ6CH-htHIIE2Vzm9J-nBzQRh6N4XE9XUd2fUP5fxMM-939jws7DBZFZZEWU0S-gKDOCmDfxZ9IkUWycTu4V7bOyLMA71ba1mmunRlS3DKCGGVWkOdiGkXULWxR4Frap3LPN7GnF7tVyqd5eJpJm2pjP4DWfMTsVuolKd9-2_hagcKgLklo9eRnBaPpH7Ad3-W-HQ_YSG6SFWK5BdooNduZrzl8KJvafviH_0x_GI77BFTV4-C7M74crIZE6xURSSAJJN05NzO2dlu-o5G6jW74niHezO8KxRfxbwNbCeS1uA-RzPXGGUMF6EFgVmUnZeUozZAyhVgHDKf-I7_0X514wAgUtKXhqCbR5FNLbwM_v4wcV0cgxGXLr-vQQNHkfOJS9gMA_MolNwUetd5cyr82zBI9SXGo_SHYBCZfCb4cEUD3bPTXU8qoOpSCNJTjp32mqHtRoBi2woD1w3huD9ym6fdMI21Bc0Uu0dAjkXuPPQwE25KRWbP9yv2cv7mgCYAwnOqlO-QcUdQMly_gEtXFfITY1UZ35YP61mK8s8Xk7FdTPZ_GoPO1Dd7i-dIkV0SC9XQ71N3SpKuYbYcKGyfgZYrDgit2iQw_ZDe7OxsteohoYb7C2UQjDGlI49bUBeMPcCWu8wUx4S4HpgGvcwY5IY0c2LfB0EtUql2tjdQKzkDYwbOLmSLk3kwt3WMOxKJlVqshBqGvz0pdfbsi_Yoh4LQVMGYG9Zjdnkk4AO54D0w63xXjGT57GrhuBmtOAL8RAntoBEswMWkFp7TUW-efH95cB3HJskGuMkO2x709z9XEarE2-YTcZ4Yvl9ge_QfYgYJtmLSIScVVRMSljA9f9DzFY90gZHuPpU6yDekUyzP2sGeRvSKuOUpdivnpvuL4cDRZxmD1QuFbBtBr30VPkuKMkFR1wY7iigTTWDFvgvYL8NyQX_9xkWe1njUyamzSByGWflXvy359xL0UHXOB_lfJjy3ACqjUxgYqosOPkZs2Z_am3YNOH6QLK_54PlTIoYo3K7SNgyd4YkZ0d88R4QYftxzpuacHXYtZOFWWaRC0Yf1WjIXzL_I4Kd2LqYqSEcOTLvnqpQXhfO4bA7CiJky52hriBfnEcglL8A37cIzGwL3_yJA8mxQqiowuFSptkDftUTiVgsXrYoMWhTB9cp7u_dWDYIqJuWSnRMLNLql7FaPuViRHKj8gnrSOj107hxGORLbPLLhro3iG7bdFFeYUgC1kRWOOa1mxyc2KGLKfjcNYLUr5OeWlWb4fwmOH5MUVhQGTm0E5C-T2NW9ghqT0VKJYBUutzQ5rNOJ-9Re0BkFlJw1PBSQX9z1OfaftTN3Q6hQ74Nj8I7FCBGFvf1JoZLhK5oJWi2rNihtCmwWdLdZWPJWW033TCYQ6UTclbTOnqMq7pkL8ydC9pU6MHqleyVu1En9vPmGFTbDdXbpo4kF2qFvOvqrU5WN5bxpV12wBdwzx6JRoNXweHI8hrzwuTzEGYOnqLv-k-dV8Qa2DVKH6N4ZFaTswTtUbILfkIBJxCVDoKm0xj5oQgBaCPBVE2mLDNwU7W01EzDSorC7pGoQdeJnnEOhvc0AMF9QvN47p079ecMDV9trnBZ3OJEVvAZNMBiMth08_Fze615dT7B9x2k0w81oMdwYVNaACkpfd_KhhzKlq9ub62d42-hma_e3alPYDxCBQf8CD1iTAUh65IT8NNGjOuaYhn7IAa6AOkMKbftdZSazZuyl2EdK9L25FxSMzH7QgQm-ACEfz7_ckYJa9uFZgtD6xPx5_wptgYB-TLNZ6da6BwHK7iXv3we&cid=CAASFeRotVg7tQmJQdu5iEJPiWq2suQqrg&rfl=1%2Chttps%253A%252F%252Fko.dll-files.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:15:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 48BB 23 KB
9 KB 36ms
35ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 03:14:51 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1C9A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

43 B
1014 B

44ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNWaTcPuCgOMFOi6tb0muY1CUAQ20CV8Nmxi-MfL_C4n7mrWj_kq2fgHNt8bviDx2qWubxH7UtV8zmHr5vPv5bR02ENJlq0fT9wQKejj3_CnZGo4sSE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Oct 2021 03:20:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1C9A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXjFcyHwHfAkN51r4NSYLwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

43 B
894 B

14ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNWaTcPuCgOMFOi6tb0muY1CUAQ20CV8Nmxi-MfL_C4n7mrWj_kq2fgHNt8bviDx2qWubxH7UtV8zmHr5vPv5bR02ENJlq0fT9wQKejj3_CnZGo4sSE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Oct 2021 03:20:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1C9A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1

43 B
1006 B

18ms
18ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNWaTcPuCgOMFOi6tb0muY1CUAQ20CV8Nmxi-MfL_C4n7mrWj_kq2fgHNt8bviDx2qWubxH7UtV8zmHr5vPv5bR02ENJlq0fT9wQKejj3_CnZGo4sSE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:19 GMT
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5c7f8d84-fc9a-4ec0-a968-a61fbf4e0ad1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C9A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D

170 B
243 B

124ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:19 GMT
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c4cd495b-b986-4f67-8bea-e659c5c9e276
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4A66
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

43 B
1014 B

29ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNVNRY8lXLmZrIsJ-K_w98I_CR8eHXvnvjes1PtBTcPAQIrcPG3Nv-G9iqNNKL0_bBGU1FfI0nEC0fZb3VHzKTIZ9MdFtT8aTmHds1ca40750QETIXo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Oct 2021 03:20:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4A66
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXjFcyHwHfAkN51r4NSYLwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNVNRY8lXLmZrIsJ-K_w98I_CR8eHXvnvjes1PtBTcPAQIrcPG3Nv-G9iqNNKL0_bBGU1FfI0nEC0fZb3VHzKTIZ9MdFtT8aTmHds1ca40750QETIXo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 27 Oct 2021 03:20:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECIK_RWTzbgD28mAPUEjQf8&google_cver=1&gdpr=0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 324
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4A66
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1

43 B
1006 B

71ms
71ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COa3ExCI8IeXAhjG3_WwATAB&v=APEucNVNRY8lXLmZrIsJ-K_w98I_CR8eHXvnvjes1PtBTcPAQIrcPG3Nv-G9iqNNKL0_bBGU1FfI0nEC0fZb3VHzKTIZ9MdFtT8aTmHds1ca40750QETIXo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:20 GMT
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a2280dc5-3867-4572-aa6d-faa71c18ce25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEDsZv73gNTW88Ava_2b2cLU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4A66
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D

170 B
232 B

123ms
21ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:19 GMT
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a74f5a3e-ae33-44f1-ba7c-0d66c1baeded
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTE1Nzc1Mzg2ODg2NDgwMjk5OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8BE5 143 B
163 B 25ms
7ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmPxlIrou31epwXLSJqzrqTXakfVaiqC-T2WqRP74YaHUpdZ_zpiYKbN0Tg8qU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 02:43:06 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AC3A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6429f0abcbb2415b637b01fe5821136c6af9c50076f053f5aa08694171eef33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5BC0 16 KB
6 KB 7ms
7ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 03:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 27 Oct 2021 03:54:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5BC0 26 KB
10 KB 8ms
7ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 28 Oct 2021 00:06:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/9605446/1627388849932/ Frame A1DA 12 KB
5 KB 36ms
17ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9605446/1627388849932/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

84ad3a32f24cac32c08a09d4f3bf8080631b9e6b5de2918e39f0450e39f6f201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9605446/1627388849932/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 4831
date: Tue, 26 Oct 2021 12:31:03 GMT
expires: Wed, 27 Oct 2021 12:31:03 GMT
last-modified: Tue, 27 Jul 2021 12:27:29 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 53356
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E18 0
346 B 31ms
27ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGBwukpb0zBOtIl88NF9l5ueb4jRZsKo5YrWQ16cVyjhcrIjyqN-wYUPca97pRdWXQGeRw7KKnpqQ_qMhdm1p9ma_dc5Ftc3W7X86k8-bVEW5wv_-Z1h54jZBskLB5LznPc2C6O4224PefnPSNB0460zxKyg9fpiArDhv6Iy_uQrQtjyRfkahCQ8LY_tAgj5FeqBSfPhuG_F7iXlDgOC2e1qdnYGU8vBP9FOmiD1o78SQX7PoJjYOHD4nDYRV64syOwx3JmoW98TJVIsvUP898z_qn8Dg7hGxkmypltb876usg-JCVeTXRgwNmYBRWzMI2dVS_YD7HAogevHYELU3aDRZ60zsHJE3ZPpqcmSjGbwNk-7v2XagB4Hmyz_AZoYEMD-t8PJWipawXGAdE_EZ64tov6tKocnDtDMGUiC1IZ_1mVz_uk50cbltQvbYht0bzhNZtvNgC2Yu_BZyU7Ll5XDgtvcfa3bjSPFxGoPaczBCqnv0OPLIvZQQLfAPkAOfe-GTXyf-3jplLHjJxjtZNe9vfaif8E5pNnXoercWDBlygNpqaJ4O2cCnSNPEFY1UEGlTgGUC2K-rCl0dZFfqUgRKoN32MJ_PYzKJn0JCdaMATQm88H0zeIdiR-jYjpFTVyQ59kWPyFTVhx6A8ekV00RnNtzx8B2kW_f0SNaVqVGvE9Q3_Ihz7f_L8Moh95M0FSRvyXme4fs0YMG4XnsfCT17FvmfAzM1g_6KUYCHsSK332bRJ8m3yD8ARHSCXSL4XYZUhrcs92xh1Rro2mNK1fk6d0Hcq-VXU7bbuCcRRIBkfHMLP_dR-cQTo3gZDAdYlzMuSSaApOinLiyaJJY2wnMqnpP-87bREpXryl4V4bFydQk5omFpZ8xoVzT9hH9yVjNjC3KF4IYOWsfUUzwTntMf6ap3-DIXGNa2XyXMYigulZCft5V7U57DiAdkKAI0WjUtyMjd3_9CET-qHXuQTYnTxOnxovp8BefqRUAfQjYm21k0ijZxwsGLQfz9sIgQK_q1V9jpXkLNu1mleV83c90LkSF-swOUkqnO1BMOPQ5jr8tJv0GHFq5Tpk0KWdC9GYFS6-ByTBF2G37j0hGpLQZAa36GTRPjjcYRNEIWWpR7HolHriA7nc5ypsZdpgpdDCP4XfFvLM-Tczg-7L-dl3rCmkVHdu_Qo1L0dM-u7Gm8WGmMhNtzke692JMWEH_FDUBkLrxEV6ruQsYXgwM2CkgM&sai=AMfl-YQ5m2FSaNKQDI1Y8owfo5UuzpNSqORYawZs1GcmNEZHchjTdDe5kJK6gyEjGhVqZL11pbPZFawPQZzXLBg1MhQcTiK3iI9WW2f74CH1D4YLrrV5TI1ePhDhlaFrBaK1k4QAvjktg_jBlW98em5mn-IFtvVtIP2komN1JvM&sig=Cg0ArKJSzKH75EvV8UvyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=390&cbvp=1&cstd=359&cisv=r20211020.31222&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 27 Oct 2021 03:20:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/9605446/1627388849932/ Frame 1F4C 12 KB
5 KB 23ms
12ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9605446/1627388849932/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

84ad3a32f24cac32c08a09d4f3bf8080631b9e6b5de2918e39f0450e39f6f201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9605446/1627388849932/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 4831
date: Tue, 26 Oct 2021 12:31:03 GMT
expires: Wed, 27 Oct 2021 12:31:03 GMT
last-modified: Tue, 27 Jul 2021 12:27:29 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 53356
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 48BB 0
61 B 36ms
36ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSKzcYRTiFu4lzrp5KVAOy943BU7vKOqMSNj5tWgqG92zULrX8wlVr1t5WUSrPWLPCHtfneFJQ6Hc2ck929Quf7agN456zfNKo9GS-e6NFjEsDzOqrJQH6NEjdlQ8IQdtn0sxfAO4VVL-J4v7QNr33WsfjQOJVQFOgBi5etlnaYwyExkQL6bQSWUpP0xwyfz29HCzrA78QIkopqdVqxfKO3YJIH9jAEAaHlM6GqaqBvMg53lB1oofFwSow2DSGDRBq0Pz-k9NCWlqBAcNEU_cfmSofa9oP71nFDnxiJr-EjIfFSSPCknrbDl67lTUOewOfcJGI-yoouPfrXOqe181laayek4fiNvfWJ8DIOJFhWaqYI1Yw6Mb3596ACRv7K0-02Ny1GB6mNRHCM0O55y_bt7vM99t1x5NLzACTTElT0Vu6H19jQWIDxMc9FSQALZfZ1SxPPh-Y7w0ZiEVNEZZ0hn7Ff-zZ4J19_J70wagClScWbGxiZoCIeuYX49xqgPLa86KAJ7JqVetc8ztw7kjDniaoKsb0HTClKcapapEp444NMtsjWtV5982cA7np1sEvtrRIDZRWML23sbgt1glkSpoiz2FLbFevC8zxL1-up2HCS1uou-TKbYn-tJF2tbGXNp8dLCsA_d9cP2V_wnmQa3hJxodSXs0UAfxG9E6ws53cM4KlZnau4uD2mP1Ze-rkt1pikX1g3rWyCB7nsNDxWvRtcDj2bNt3hk9QyBaTmT1L3mjbX4upSY6tWUmRQ2XRZV-WGrE9RlgLLG2rGSSW3XJ1J8cO6lBm7K7mu6xoEaPx0NYWYnJoQWTqL3Yz1ltwuIR0voym-WIEX44OzISjdda-s09jzF8f1KAPaHWqj0pyIBaoNkpQiSCWMNFJw2NzVDli61KpE4NXKLlz36V6CSduz03ClGJDBXfefDMKkAojHXemzYNpW9una1GDQmIIR9xZ2iSR5QOSz7D7a-tIgQHxrmDIy8gdjo7798UGq5jnK_h6X7mxGLsRwzXIasAunYKhudahJrksjy4DeLBuPsn9JBUkothSpdofHiB68Rxvb4jzG6hR4J3sdYGRUMoMn3kEKXA8if2u1oNkPIe02ciCb6Ri4h-5JjmpqqI95FH6IzPHGuRYy9rnjiCJMckv5HJBcIm9DY5VyiIWrmOocuKHC08suH_NxTlAW4CHhlDwkyuZMWVwXgJuIGn4G0PJnn7Nc7fQBzCf-70SQ3eIbus&sai=AMfl-YTrIcw6g4R1gKIHdFHnpD4WEUtTWpl-JVpzvCIr-KdrslPGUoP-qh390MvxJA4j8eKbmz9Wq5FmJiR8PfW02Z6EOKE_TaDuqeIJ1SI1MaaHCqiUdArcJ5h_gI02WwIST7n02HNPkrCTTvT4xwRsW-lyFiISnwKbq0sYAoo&sig=Cg0ArKJSzL9TpgQdHnNUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=369&cbvp=1&cstd=367&cisv=r20211020.90988&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 27 Oct 2021 03:20:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E18 41 KB
15 KB 8ms
8ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 24 Oct 2022 15:12:12 GMT

GET
DATA 200
OK truncated
/ Frame 0E18 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff65e4d45fe2e30dbc938c96aca1e20eecc8afa8bb20b5c7605ecb6e1d753053

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 48BB 41 KB
15 KB 21ms
20ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 15:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 24 Oct 2022 15:12:12 GMT

GET
DATA 200
OK truncated
/ Frame 48BB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d631b234d1b0781eb430f495bbc8594bbdeeebc050cf0ddbfc3f515cd0544d23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js Show response
pagead2.googlesyndication.com/bg/ Frame 458B 35 KB
13 KB 15ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13232
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 26 Oct 2022 21:18:47 GMT

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
353 B 10ms
9ms XHR
text/plain 18.194.49.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=arinterval

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.49.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-49-170.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko.dll-files.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Oct 2021 03:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://ko.dll-files.com
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 2
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 404 null
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/ Frame 5BC0 43 B
65 B 195ms
194ms Image
image/gif 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/null

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:20 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Wed, 27 Oct 2021 03:20:20 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3EB9 22 KB
8 KB 14ms
14ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 24 Oct 2021 15:12:34 GMT
expires: Mon, 24 Oct 2022 15:12:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 216466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A314 22 KB
8 KB 8ms
7ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 24 Oct 2021 15:12:34 GMT
expires: Mon, 24 Oct 2022 15:12:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 216466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 05C6 0
0 25ms
24ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102001&jk=3773981648003983&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 pegi.png
s0.2mdn.net/9605446/1627388849932/images/ Frame A1DA 2 KB
2 KB 12ms
12ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9605446/1627388849932/images/pegi.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

0b950159f34a3d705f6ce23fd8a9dd78e55deb9844e36b850395f77b0c511874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 12:31:03 GMT
x-content-type-options: nosniff
age: 53357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2480
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 12:27:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 12:31:03 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A1DA 105 KB
35 KB 26ms
25ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 03:20:20 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A1DA 186 KB
48 KB 24ms
24ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 03:20:20 GMT

GET
H3 200 app.bundle.js Show response
s0.2mdn.net/9605446/1627388849932/js/ Frame A1DA 281 KB
131 KB 9ms
9ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9605446/1627388849932/js/app.bundle.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

8b2cb234df348525b8615d22d789825e8ad22919f489e414ade43f79697d092a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 133669
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 12:27:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 14:25:05 GMT

GET
H3 200 pegi.png
s0.2mdn.net/9605446/1627388849932/images/ Frame 1F4C 2 KB
2 KB 26ms
21ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9605446/1627388849932/images/pegi.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

0b950159f34a3d705f6ce23fd8a9dd78e55deb9844e36b850395f77b0c511874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 12:31:03 GMT
x-content-type-options: nosniff
age: 53357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2480
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 12:27:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 12:31:03 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1F4C 105 KB
35 KB 28ms
23ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 03:20:20 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1F4C 186 KB
48 KB 26ms
21ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 03:20:20 GMT

GET
H3 200 app.bundle.js Show response
s0.2mdn.net/9605446/1627388849932/js/ Frame 1F4C 281 KB
131 KB 23ms
18ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9605446/1627388849932/js/app.bundle.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

8b2cb234df348525b8615d22d789825e8ad22919f489e414ade43f79697d092a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9605446/1627388849932/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 133669
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 12:27:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Oct 2021 14:25:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8BE5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

24ms
23ms

Document
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
URL: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmPxlIrou31epwXLSJqzrqTXakfVaiqC-T2WqRP74YaHUpdZ_zpiYKbN0Tg8qU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 03:20:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 27-Oct-2021 04:20:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 03:20:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 03:20:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/ Frame 5BC0 20 KB
20 KB 9ms
9ms Image
image/jpeg 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/BG.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

725ad7a9eb8d6e77c47cd2eac70a8953f159c5eaa1edecfaff754ef116327ea2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20240
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 01:46:06 GMT
server: sffe
date: Tue, 26 Oct 2021 13:36:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Oct 2022 13:36:09 GMT

GET
H3 200 css Show response
fonts.googleapis.com/ Frame A1DA 2 KB
562 B 37ms
22ms Fetch
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700&subset=latin,latin-ext

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/js/app.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

49bf74092519230222c54861f904556e19e3f4cb715fc3c60ad7e378822ac967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 02:18:19 GMT
server: ESF
date: Wed, 27 Oct 2021 03:20:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 03:20:20 GMT

GET
DATA 200
OK truncated
/ Frame A1DA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1aeb294d661bf321d8ae67a118d749cdedfdb999e10571e135eaf8af493935a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f160c4fc12975c4e00c4d860c8e5345f949befe3802335782b39fd0a383add3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 871 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa4817d3d47ac340bbee3ce71a13e731abd2747765153dc3253db4ef1e302213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 383 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b154e361ce5d3aa71655dfe801e5c7af7ce43b12ba072d1e76be7db5b1c24b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 710 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12533fea2f3a528c42ee8846dbbb3dea967f6ce50bef9af7f3179958a4656285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 636 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45775e8b103c82c38512df6d94bb1d61d9e51f7240ac933bb9f257fcefc8f53c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24322188927a35ee6398f1d8199d71e323590925d154a1fb3b4bdf76aea88a2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c71e30a9addf7eb0947de98343c9d8771ce93401488799d2f63758c031a7c998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 915df7ffaf5d69658bfdec4822c449ce919d900111984326656cf54d4175ff3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a3bf407a19e98f1588e30f94f010494230712f8de646a64419a9fe6e7b76d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0feedb1a3366a367c43c26c617661337810a1355bdb34e486bdd691cdd5b5ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a577426e96390328853da2d33e73fefcaf5ae69da192d6dcd0596c93a9fc3edc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69529e67f23b6701dae03440cfeea5c46d1bb58c92882a5bec8c2d024905d2cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 309f0b1eb8d0d24b93cbfa3e0dd883456380eed6ae868ccdb8d5a802efbde8f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d592a2c714c3f3618b107d0768209944aee95db110bf2858eb6a2789e6b1490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d8abaa691e388affd4e117c634123f1bcc6f3712fa8c4eb1daa725c9d17f64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22c843879e5e4f704846fd2af7cd254a62abbc94099bfa28870a79647f39a1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46bcb67f75d20cbbb556256ed5af2d9ab3886f671e34b284dc98107707c85b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 649 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 005f45b85282d6c744e169cc36f5a35497792f6d0caebcaec4b1ae387155926c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 365 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5f3ac468ccf607ed91ab2ab7ab75ac7627237f7a69ffb074b2e1ad09285fb6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0883c1890ab05ed72947d4de52617cd5580601e2d8956c975cd5e040cdc2683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 600574f49d53a1ac4a023cd2f5412084180ab69948bcd19d22f51f7e2b1aaa84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23322d94c1db936f1cd45603a4a8f667c4cfdb77d9ef52d4f835c22e78933bdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0607cce8c288e16836f677b9a734afcd1f2f12970e05b9e6aac785774e7e5c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f384206ca24c6605dc233f95d8cbbcd02c0290d25e6bc729b0c7abe39e36d0ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef53807224b11e5434f51edfce1553687b561c75c25b5f73d8b005d24b44dafe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5376989374c43d7ab1ce09aeeb7c9f95de7c28f81c148ee0a05048e8d58480bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E18 0
23 B 20ms
19ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGBwukpb0zBOtIl88NF9l5ueb4jRZsKo5YrWQ16cVyjhcrIjyqN-wYUPca97pRdWXQGeRw7KKnpqQ_qMhdm1p9ma_dc5Ftc3W7X86k8-bVEW5wv_-Z1h54jZBskLB5LznPc2C6O4224PefnPSNB0460zxKyg9fpiArDhv6Iy_uQrQtjyRfkahCQ8LY_tAgj5FeqBSfPhuG_F7iXlDgOC2e1qdnYGU8vBP9FOmiD1o78SQX7PoJjYOHD4nDYRV64syOwx3JmoW98TJVIsvUP898z_qn8Dg7hGxkmypltb876usg-JCVeTXRgwNmYBRWzMI2dVS_YD7HAogevHYELU3aDRZ60zsHJE3ZPpqcmSjGbwNk-7v2XagB4Hmyz_AZoYEMD-t8PJWipawXGAdE_EZ64tov6tKocnDtDMGUiC1IZ_1mVz_uk50cbltQvbYht0bzhNZtvNgC2Yu_BZyU7Ll5XDgtvcfa3bjSPFxGoPaczBCqnv0OPLIvZQQLfAPkAOfe-GTXyf-3jplLHjJxjtZNe9vfaif8E5pNnXoercWDBlygNpqaJ4O2cCnSNPEFY1UEGlTgGUC2K-rCl0dZFfqUgRKoN32MJ_PYzKJn0JCdaMATQm88H0zeIdiR-jYjpFTVyQ59kWPyFTVhx6A8ekV00RnNtzx8B2kW_f0SNaVqVGvE9Q3_Ihz7f_L8Moh95M0FSRvyXme4fs0YMG4XnsfCT17FvmfAzM1g_6KUYCHsSK332bRJ8m3yD8ARHSCXSL4XYZUhrcs92xh1Rro2mNK1fk6d0Hcq-VXU7bbuCcRRIBkfHMLP_dR-cQTo3gZDAdYlzMuSSaApOinLiyaJJY2wnMqnpP-87bREpXryl4V4bFydQk5omFpZ8xoVzT9hH9yVjNjC3KF4IYOWsfUUzwTntMf6ap3-DIXGNa2XyXMYigulZCft5V7U57DiAdkKAI0WjUtyMjd3_9CET-qHXuQTYnTxOnxovp8BefqRUAfQjYm21k0ijZxwsGLQfz9sIgQK_q1V9jpXkLNu1mleV83c90LkSF-swOUkqnO1BMOPQ5jr8tJv0GHFq5Tpk0KWdC9GYFS6-ByTBF2G37j0hGpLQZAa36GTRPjjcYRNEIWWpR7HolHriA7nc5ypsZdpgpdDCP4XfFvLM-Tczg-7L-dl3rCmkVHdu_Qo1L0dM-u7Gm8WGmMhNtzke692JMWEH_FDUBkLrxEV6ruQsYXgwM2CkgM&sai=AMfl-YQ5m2FSaNKQDI1Y8owfo5UuzpNSqORYawZs1GcmNEZHchjTdDe5kJK6gyEjGhVqZL11pbPZFawPQZzXLBg1MhQcTiK3iI9WW2f74CH1D4YLrrV5TI1ePhDhlaFrBaK1k4QAvjktg_jBlW98em5mn-IFtvVtIP2komN1JvM&sig=Cg0ArKJSzKH75EvV8UvyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1095&vt=11&dtpt=705&dett=3&cstd=359&cisv=r20211020.31222&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:20:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css Show response
fonts.googleapis.com/ Frame 1F4C 2 KB
562 B 19ms
19ms Fetch
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700&subset=latin,latin-ext

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9605446/1627388849932/js/app.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

49bf74092519230222c54861f904556e19e3f4cb715fc3c60ad7e378822ac967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 01:42:58 GMT
server: ESF
date: Wed, 27 Oct 2021 03:20:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 03:20:20 GMT

GET
DATA 200
OK truncated
/ Frame 1F4C 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1aeb294d661bf321d8ae67a118d749cdedfdb999e10571e135eaf8af493935a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f160c4fc12975c4e00c4d860c8e5345f949befe3802335782b39fd0a383add3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 871 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa4817d3d47ac340bbee3ce71a13e731abd2747765153dc3253db4ef1e302213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 383 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b154e361ce5d3aa71655dfe801e5c7af7ce43b12ba072d1e76be7db5b1c24b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 710 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12533fea2f3a528c42ee8846dbbb3dea967f6ce50bef9af7f3179958a4656285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 636 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45775e8b103c82c38512df6d94bb1d61d9e51f7240ac933bb9f257fcefc8f53c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24322188927a35ee6398f1d8199d71e323590925d154a1fb3b4bdf76aea88a2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c71e30a9addf7eb0947de98343c9d8771ce93401488799d2f63758c031a7c998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 915df7ffaf5d69658bfdec4822c449ce919d900111984326656cf54d4175ff3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a3bf407a19e98f1588e30f94f010494230712f8de646a64419a9fe6e7b76d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0feedb1a3366a367c43c26c617661337810a1355bdb34e486bdd691cdd5b5ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a577426e96390328853da2d33e73fefcaf5ae69da192d6dcd0596c93a9fc3edc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69529e67f23b6701dae03440cfeea5c46d1bb58c92882a5bec8c2d024905d2cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 309f0b1eb8d0d24b93cbfa3e0dd883456380eed6ae868ccdb8d5a802efbde8f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d592a2c714c3f3618b107d0768209944aee95db110bf2858eb6a2789e6b1490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d8abaa691e388affd4e117c634123f1bcc6f3712fa8c4eb1daa725c9d17f64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22c843879e5e4f704846fd2af7cd254a62abbc94099bfa28870a79647f39a1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46bcb67f75d20cbbb556256ed5af2d9ab3886f671e34b284dc98107707c85b34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 649 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 005f45b85282d6c744e169cc36f5a35497792f6d0caebcaec4b1ae387155926c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 365 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5f3ac468ccf607ed91ab2ab7ab75ac7627237f7a69ffb074b2e1ad09285fb6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0883c1890ab05ed72947d4de52617cd5580601e2d8956c975cd5e040cdc2683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 600574f49d53a1ac4a023cd2f5412084180ab69948bcd19d22f51f7e2b1aaa84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23322d94c1db936f1cd45603a4a8f667c4cfdb77d9ef52d4f835c22e78933bdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0607cce8c288e16836f677b9a734afcd1f2f12970e05b9e6aac785774e7e5c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f384206ca24c6605dc233f95d8cbbcd02c0290d25e6bc729b0c7abe39e36d0ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef53807224b11e5434f51edfce1553687b561c75c25b5f73d8b005d24b44dafe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5376989374c43d7ab1ce09aeeb7c9f95de7c28f81c148ee0a05048e8d58480bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 48BB 0
23 B 23ms
18ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSKzcYRTiFu4lzrp5KVAOy943BU7vKOqMSNj5tWgqG92zULrX8wlVr1t5WUSrPWLPCHtfneFJQ6Hc2ck929Quf7agN456zfNKo9GS-e6NFjEsDzOqrJQH6NEjdlQ8IQdtn0sxfAO4VVL-J4v7QNr33WsfjQOJVQFOgBi5etlnaYwyExkQL6bQSWUpP0xwyfz29HCzrA78QIkopqdVqxfKO3YJIH9jAEAaHlM6GqaqBvMg53lB1oofFwSow2DSGDRBq0Pz-k9NCWlqBAcNEU_cfmSofa9oP71nFDnxiJr-EjIfFSSPCknrbDl67lTUOewOfcJGI-yoouPfrXOqe181laayek4fiNvfWJ8DIOJFhWaqYI1Yw6Mb3596ACRv7K0-02Ny1GB6mNRHCM0O55y_bt7vM99t1x5NLzACTTElT0Vu6H19jQWIDxMc9FSQALZfZ1SxPPh-Y7w0ZiEVNEZZ0hn7Ff-zZ4J19_J70wagClScWbGxiZoCIeuYX49xqgPLa86KAJ7JqVetc8ztw7kjDniaoKsb0HTClKcapapEp444NMtsjWtV5982cA7np1sEvtrRIDZRWML23sbgt1glkSpoiz2FLbFevC8zxL1-up2HCS1uou-TKbYn-tJF2tbGXNp8dLCsA_d9cP2V_wnmQa3hJxodSXs0UAfxG9E6ws53cM4KlZnau4uD2mP1Ze-rkt1pikX1g3rWyCB7nsNDxWvRtcDj2bNt3hk9QyBaTmT1L3mjbX4upSY6tWUmRQ2XRZV-WGrE9RlgLLG2rGSSW3XJ1J8cO6lBm7K7mu6xoEaPx0NYWYnJoQWTqL3Yz1ltwuIR0voym-WIEX44OzISjdda-s09jzF8f1KAPaHWqj0pyIBaoNkpQiSCWMNFJw2NzVDli61KpE4NXKLlz36V6CSduz03ClGJDBXfefDMKkAojHXemzYNpW9una1GDQmIIR9xZ2iSR5QOSz7D7a-tIgQHxrmDIy8gdjo7798UGq5jnK_h6X7mxGLsRwzXIasAunYKhudahJrksjy4DeLBuPsn9JBUkothSpdofHiB68Rxvb4jzG6hR4J3sdYGRUMoMn3kEKXA8if2u1oNkPIe02ciCb6Ri4h-5JjmpqqI95FH6IzPHGuRYy9rnjiCJMckv5HJBcIm9DY5VyiIWrmOocuKHC08suH_NxTlAW4CHhlDwkyuZMWVwXgJuIGn4G0PJnn7Nc7fQBzCf-70SQ3eIbus&sai=AMfl-YTrIcw6g4R1gKIHdFHnpD4WEUtTWpl-JVpzvCIr-KdrslPGUoP-qh390MvxJA4j8eKbmz9Wq5FmJiR8PfW02Z6EOKE_TaDuqeIJ1SI1MaaHCqiUdArcJ5h_gI02WwIST7n02HNPkrCTTvT4xwRsW-lyFiISnwKbq0sYAoo&sig=Cg0ArKJSzL9TpgQdHnNUEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1130&vt=11&dtpt=761&dett=3&cstd=367&cisv=r20211020.90988&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: ko.dll-files.com
URL: https://ko.dll-files.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:20:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 5BC0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 button_seedetails-h_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/ Frame 5BC0 922 B
955 B 8ms
8ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/button_seedetails-h_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

484330641cece9095f3707196632874e81ef5f5af7f98755f1c2332f996917d5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 418506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 922
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 01:46:06 GMT
server: sffe
date: Fri, 22 Oct 2021 07:05:14 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 07:05:14 GMT

GET
H3 200 rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EB9 35 KB
13 KB 14ms
14ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13232
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 26 Oct 2022 21:18:47 GMT

GET
H3 200 rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js Show response
pagead2.googlesyndication.com/bg/ Frame A314 35 KB
13 KB 16ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rYsSliro57HlqQ0w1drzgXd5CbzCCwb6qdFIuIj2zIs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13232
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 26 Oct 2022 21:18:47 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame A1DA 15 KB
15 KB 38ms
14ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:08 GMT
x-content-type-options: nosniff
age: 467052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:08 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 1F4C 15 KB
15 KB 40ms
17ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:08 GMT
x-content-type-options: nosniff
age: 467052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC3A 42 B
64 B 18ms
17ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslxBrnND7rX7VciVpwGpdLrW_QyGx7jn1E_RKJW1rebMFIFf6FwtN3KPA9u5cFPhnnKqdn-yLS9b-k5ZZxE7D_gIktBixQEIS-m4lHMTpvFBoscKI&sai=AMfl-YREEenLD5ot3Roa9OkekTK97CRi6wDFPxIrPyN3g_lYIyvaOXAnvnFsuW18dWY8Q7n8IdFWK0jI0cFoc6_dTp8TZtDd_OLOXKW8C-mVli7yTwD0ojcRpEna77q5f84&sig=Cg0ArKJSzGQTUvjuxQj6EAE&id=lidar2&mcvt=1106&p=209,436,299,1164&mtos=1106,1106,1106,1106,1106&tos=1106,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4189499360&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635304818901&rpt=827&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A1DA 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ce10ba8ad08f88ba7fa6bc6908b5a19a0e3f6a83fc3a9603f4b94d7d9cbfe79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 782 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e965c81b8ff30a1401f77edf361e710ae5e1ae08283442309b00648c0a5037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A1DA 799 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec156a4b9e5a7083af2cfdcee5409a72f6f773243a56f4153cadcb7a80aeef7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ce10ba8ad08f88ba7fa6bc6908b5a19a0e3f6a83fc3a9603f4b94d7d9cbfe79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 782 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e965c81b8ff30a1401f77edf361e710ae5e1ae08283442309b00648c0a5037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F4C 799 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec156a4b9e5a7083af2cfdcee5409a72f6f773243a56f4153cadcb7a80aeef7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png;charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E18 42 B
64 B 18ms
17ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1WnSyi3ncLmM2nTr9uDyAtR2UKW9kPy3L-5zlAYP1x5Ev-yxcbm7cle6Izgn041mE9sES8Tj_BEdVfC1YSti7_gSM_8GqVTBc3ABBj0AJU58QAw4&sai=AMfl-YRdEg1ngE_c1_vA6dnuuCLr68ce7XYNfJS_Hck0EUEEZzPBgOCLUFJod1jTMxk_lMTmxzmcIIJ3MvoTarEeBGq-XBFqN21bFyA6W3ZgZXLZ2DQRIpywdFp2r2gsofI&sig=Cg0ArKJSzP0b2hG4AY8zEAE&cid=CAASFeRoR2Radxx3qmtN478Vjpv4N7YKCA&id=lidar2&mcvt=1094&p=1053,436,1143,1164&mtos=79,79,1094,1094,1094&tos=79,0,1015,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=125749252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635304818818&rpt=1068&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 48BB 42 B
64 B 18ms
18ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsRbf-lxPSbgL4P-iGrGiJTL0jy9wbmW8N5InAaQ97uv5_yBTeGocY1_XPccvSCwON672M8hlZfmVWL3D6jF8ZT6FWHIGOrP8eVY4zMVksNaZLDXw&sai=AMfl-YTpxuSZMR_vEwYATDLx6x_lW4-9cRkxdHd7IRkZzAB25WRg5nYT0cleBXDAHU0bdmcpjU4Z1_KC3WxtSb9qWxfKLR8onYs6EKqlsmtvQyCEuTFVVEP2uHGwm0msS6NR&sig=Cg0ArKJSzOW-BOfNNeqXEAE&cid=CAASFeRotVg7tQmJQdu5iEJPiWq2suQqrg&id=lidar2&mcvt=1058&p=0,436,90,1164&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2488649843&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635304818860&rpt=1049&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 34ms
32ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102001&jk=3773981648003983&bg=!5uWl5aHNAAbUs_yW1LM7ACkAdvg8WuQLKq1KfXECeMxd3DCMBLmhPWWLJ-9z7I3NEuUsl839wGQ9OAIAAANaUgAAAE5oAQeZArIeMe2WpDZpMt2HgyQCvCA3idWXFMJ-qiwdMOrpjqfOay4YKkpKe7t7FyfT1x0LAqbCYDnm1MDur_c7WcAClMhOoZvkxrwWVuOlwXQTFdXj35G8XBTTuQzJ5VDetENMJ0Kmh6p5gAXLC4LeYINvzQxCDVKRogozDe6ziT74KyGHNnslIZAruLFdF9UncuxSWa_EpUUd968IigV_toiSJygFDLzz2nDXKQV3IQjNHdAFlth6G5MwWrJkOqllIM4uxbDWPYZI9BWdX33xWq2soR_FpprSgvgv_Xzr0MpgDYylAjg5BkRtUCIqezNr8FHJeHZPwX8Py2q2OetLC-F73-T3No76tT40Wzh9RlRlwVN1ag_gG7dE7ld6TZMJ0-fsLaUgjKtn3hzd2siIn_iQQgTtngB0cgOMlGZEmFACB0OjRo938W1q08hyRdY4PeJbypIkhDhE3_ooIHL5X0OTWNq8_u-z4PUxTRaojaWK-iLAx2qeL2wwosqH4RMaZ071RI6eecrAWnTdUW8tAroRdLVqaCmVRJXjeECJgR2VNwTnyv4HW3MwfVkxI_urvTNws07AnGaGVxP-VlyfO1TrqYMcFfnC-gjGntozdkX5aPgo3ri7BD9nYDmsvl_aZd1qK6cA6a4jAH0oaOlhsBdLrdpTz19tMlyrzGyZmlFhFEM-5dH0MUETVzazAHs_PSRm9gr8ZXZNFaizVcCpYhnJMCgKbeEGIVpadqA2REUJWIQWJxC86YOS5JG6tlD8CyOtlDf22_RdJ5GSZbHKXxy4TFU6MkyaC743Ttcz4eoKUgAhJ-b7jGTdY2pPnTRLQ6JOzqV27XSk1m2TxXutGcywnHg4YjF8sPRMxn3Bx9ZXFy_3yPTdrUKJZaPKAoZBzUbmmCHKG0wzTkRg224ocaE6sVDJcq0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EB9 0
20 B 25ms
25ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM87yc8V4YYWRENaX3gPPsy4AAAAAOAHgBAI&bg=!UVKlUhbNAAbUs_yW1LM7ACkAdvg8WrItDsIK-EWkZx5-IC-F2sWwpX19tr-V7m51SV82iQ4mHZp7aQIAAAMPUgAAACZoAQeZAwmG5n5Od11tjmMCOZ09HiKDmZzRqWwJ8INFo39Xl5xj3nNmCYMWR-SKeTX9xHZq1KZILNZCzL22WpbgojtSvvneiLv6-_w4l94KHkmAbDHF-1sNLigQKNs9HHT6fYE7kGr8wbDPjuRW0FmvEPL0wmt6C5elJw9n9wDhygw9Z626KyWGjb_3UdGzPFhY9MNJAWRDtoEUSUNIJFwYJbpUL5uNwl_oLK4ka9y85IPlZEeu4PykQDc2pe9PUDT22eRicek7YkSN76gGcHoroVzlokXQbtM2DuVRW8ZFVcP96gLX-J79qQQ_-cdinmbp45X7QMy6oz8R-XRLibNDqXx0tQZwtlkLV1mKgd7lliJSsx9oIRVIUBxSgpmib5imvhbK6AT4Fqlydw4k7DpTjv8H8snseih3Ho8MEmyM13jYRVweT9RQi8Xk_Jnp4oK18MxyiCrsPtjaktpQgwXvOIG-w4MCZCxIZ3BaTLYxXoMaLGQAGsVkixDhCh34YwerYejNfAXefcpZvHyp3J6ixMVQitUaqih_99UyJtuhv2DQAQift18qdXahrnmbU-4PXbRPEzC9yRAR7zKwKJyYr7Zs32XiKusN8_VdD8WxW0PU2HFBBbyt03xoFLZ2IHh91v5TvxDlFbWv3hjWl19J1IlYu6qosgIpgRWx1d_-cAgwPCf3aVoJ7DhTC3vaGw_pxpcn2iBUPbly2AbimvvzhfhtsX4WOquNIuSK-yEb0q8S9AdO1qqxhcnVnR-HfUthb3g2aSSJLT1bsrhwWTIX5eLz7T9I5mPkHvaMy4BUHPcsdA3_AyI_cQItJFiqvVcSxqMwHcFffPPbnJpej1WzxIr7QpIzy2BzGA8vn0I2APJwSGahhWOESlKr4WqSHzkk4Y6tlObEYxKJubYxHQu84CZr6fy9NNg0ZK7Zp3_SESFQAtD2Ush3GekEb0dwCr-f80uCWaSElbbCasC07e83EFu4OdArGc69IvvdXVEOeHiFY3ocPCtmaExNV81gGwkJBRhYNvXD41RXFnTveX0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A314 0
20 B 41ms
41ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLvQLc8V4YczvDeGtx_APu4CH4AMAAAAAOAHgBAI&bg=!CQqlCk7NAAbUs_yW1LM7ACkAdvg8Wj21JuHMHsi850BnKOBfkij3nqFJ7fDzowHjhCZ4pVXNZOUIUgIAAAMhUgAAABZoAQcKABFMLcmGVI0qg6bXcVzEJhcwMJkDF084Zcd1IN8dbWETJQN0OqhVp8D_w6ecvm0y4BrHKIzknVQW8Tnt4DsUJvEUiidpiJO-XxvuYJHCbo8CaeZeUyjfJ3QV620agpj8GZzX_ojIpPskYLl9C_6pGsBU0PQe24VvfOkcLYx9eo5mKgmCH09IZpzUtaJi00lbBmssNqlkbnm9SrGZF56YTKjvELS00COV-q6HC_TIz2JaoAyoCqS9KDG290wquG_TW5rTVlWhjO1vOhisMce-4yg-9N-cAv9wQientAjM1gN3wBiEwqz89QlhHb9ViDVKteQRZdx0m4FmS2qjyj2YvJwf-XCVtUOurr-FFN1NVhHd4LCdviUy3Pz_mcnIu7WvVKSry8AWMNiVB_TmaAjqWjg2CcA_rEqeNcmdt-JbzZy_CCchSdVWAysZT5O8HaTQxBRUNVkwJ3SgxYgYiIGHne4wDkE3rAxifMHSXCO3f-aUemSe3cLo-xWqaPJmTxsSxIGLWimmFPlcGjZAMmuYCS_ssJ4nOJw8GxOQsdNJRKaFf0mau7qKdE4Ls_zqhUj19tPw38D0dx2lWlcr74D4WlmzATEdiIVU6Bdq-7Q6QYpPxIqACOc0kehPNK7F-cj8-F9PYGYnA7J1Ibf-KtdY9VWtBaTJCpIcCetSS84vA0qfGSWwebtvnrZF-X0C-WEncWYhifkz1UL2x7Qq5hNYH0i1nSUxMeCMnAn6DcYCslAm-XaH5cGrIIHvZPLRDLeb-eAMA2f9hm4pWhj6Tt5HNXFbtVcR1EjmY22ixIruwmy6wRPdZn7PyAxxPLk_9osqqtuR8Prd1wenxKIAd3KMdLYustDvEphIqmjbf1XUbhNYHPxcZn5-RZxfzYheRMjqq-UWb_Epq1aRKdEho-0yAT4Rd-Ia5XNHCLxxV5dkdg_ruCl8VO1BhJz_vBvwkeMC5Yt-vx0RnyP__8espXKgxk52aa3ehP6K0nP-Sf_dFX-LbOf3WKWZo3FAS50DKPgzcg1uXw_vXllNFyPcfFWu4RaeRBoRS3D58hjhUCyuhzKHLaxmHsJIILgDOuOV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 63C4 995 B
1 KB 33ms
9ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ko.dll-files.com/
Accept-Encoding: gzip, deflate, br
Cookie: icu=ChgI9p9dEAoYASABKAEw8YrjiwY4AUABSAEQ8YrjiwYYAA..; uuid2=5157753868864802999; anj=dTM7k!M41.D>6NRF']wIg2Il_qIXW=!]tbPl1M>e)ZlrFUfJ+tGXxo7II(D>IStPNa>t[LAct%DT$<Qa[8.g(f8*TI%nugO%v4VB%nmq])z3jP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 27 Oct 2021 03:20:22 GMT
Age: 15026158
X-Served-By: cache-lga21980-LGA, cache-hhn4073-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 194520, 304326
X-Timer: S1635304822.351648,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame A339 1006 B
861 B 21ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 9b379e0c49701c97be36f0d01590077681ed9c6db123bb8c241d178bb107b12c

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
cookie: i=7f334ee2-4358-4cf8-85e7-4a70fd8c01ce|1635304817
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=7f334ee2-4358-4cf8-85e7-4a70fd8c01ce|1635304817; Version=1; Expires=Thu, 27-Oct-2022 03:20:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1635304822|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 11-Nov-2021 03:20:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.217.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 27 Oct 2021 03:20:22 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2273 38 KB
14 KB 37ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.dll-files.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ko.dll-files.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ko.dll-files.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=127684
expires: Thu, 28 Oct 2021 14:48:26 GMT
date: Wed, 27 Oct 2021 03:20:22 GMT
vary: Accept-Encoding

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A339
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7v3Fg7dS1MFzue5

43 B
106 B

21ms
20ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7v3Fg7dS1MFzue5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:21 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-09c412c5345d1bfc7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7v3Fg7dS1MFzue5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A339
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=e2a203ee-fb30-4724-9db7-d7e76d77678a
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=e2a203ee-fb30-4724-9db7-d7e76d77678a
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b015d601-6e53-4659-9c17-45d7bc0506e9&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=e2a203ee-fb30-4724-9db7-d7e76d77678a

43 B
106 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=e2a203ee-fb30-4724-9db7-d7e76d77678a
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=e2a203ee-fb30-4724-9db7-d7e76d77678a
Date: Wed, 27 Oct 2021 03:20:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A339
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5157753868864802999

43 B
122 B

22ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5157753868864802999
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:22 GMT
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4855927d-aa52-4b15-9b96-3b894aeaed5e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=5157753868864802999
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame A339
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFMNGQwN0M4WXNBQURXSUd5M0tUQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAL4d07C8YsAADWIGy3KTA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAL4d07C8YsAADWIGy3KTA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAL4d07C8YsAADWIGy3KTA&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL4d07C8YsAADWIGy3KTA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

94ms
28ms

Image
image/gif

185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL4d07C8YsAADWIGy3KTA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:23 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL4d07C8YsAADWIGy3KTA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date: Wed, 27 Oct 2021 03:20:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A339
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=567f6178-c576-4400-a3e2-98085eefcd6e

43 B
106 B

27ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=567f6178-c576-4400-a3e2-98085eefcd6e
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 27 Oct 2021 03:20:22 GMT
Server: MT3 4044 0c7f252 master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=567f6178-c576-4400-a3e2-98085eefcd6e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 27 Oct 2021 03:20:21 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A339
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EBkZYUUdGW8LHx1pQhoDYRcQSG4LTh1qEE02LTwl

43 B
106 B

32ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EBkZYUUdGW8LHx1pQhoDYRcQSG4LTh1qEE02LTwl
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=EBkZYUUdGW8LHx1pQhoDYRcQSG4LTh1qEE02LTwl
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A339
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2154403817951648499

43 B
106 B

17ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2154403817951648499
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2154403817951648499
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A339 70 B
265 B 108ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=ac9f71bb-eadf-730f-df31-829899ab3233&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame A339 170 B
188 B 27ms
27ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODBmMGEyNzEtMjNhOC0yZGFiLWNhZDEtZDgyMTUzNDlmYzUz

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A339
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVXY-phb-g45fau4u65ooE&google_cver=1

43 B
106 B

30ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVXY-phb-g45fau4u65ooE&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=dbd7f368-6906-4943-a76e-2f7c101e224c&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMVXY-phb-g45fau4u65ooE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2273 2 KB
2 KB 51ms
13ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73048649&p=158460&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 79adcdf56a799f7680655f143283b71473dcad7bcdce8905d61524dab4d7860a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1810
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 63C4 0
733 B 51ms
13ms Script
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Oct 2021 03:20:22 GMT
X-Proxy-Origin: 216.131.114.37; 216.131.114.37; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 333cfcb2-005b-4304-a6e4-f5bb0f5b9679
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 083A 35 B
467 B 20ms
19ms Document
image/gif 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=80075D1F-4CCE-4287-A706-801D93D9CFAC

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=80075D1F-4CCE-4287-A706-801D93D9CFAC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: C=1; uid=2154403817951648499
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 27 Oct 2021 03:20:22 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=2154403817951648499; expires=Sun, 26 Dec 2021 03:20:22 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame ABC5
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7091551555055579734

42 B
210 B

20ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7091551555055579734
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7091551555055579734
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=80075D1F-4CCE-4287-A706-801D93D9CFAC; chkChromeAb67Sec=1; pi=158460:2; DPSync3=1636502400%3A201_197_219%7C1635379200%3A174; SyncRTB3=1636502400%3A21_13_161_7_56_220; SPugT=1635304820; KRTBCOOKIE_391=22924-2154403817951648499&KRTB&23263-2154403817951648499; PugT=1635304822; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:567f6178-c576-4400-a3e2-98085eefcd6e&KRTB&16736-uid:567f6178-c576-4400-a3e2-98085eefcd6e&KRTB&23019-uid:567f6178-c576-4400-a3e2-98085eefcd6e&KRTB&23114-uid:567f6178-c576-4400-a3e2-98085eefcd6e; KRTBCOOKIE_80=22987-CAESEOr3hNIHPPfN2xRMU9b3SNI&KRTB&16514-CAESEOr3hNIHPPfN2xRMU9b3SNI&KRTB&23025-CAESEOr3hNIHPPfN2xRMU9b3SNI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 27 Oct 2021 03:20:22 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-7091551555055579734; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 26-Nov-2021 03:20:22 GMT; path=/ PugT=1635304822; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 26-Nov-2021 03:20:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 25-Jan-2022 03:20:22 GMT; path=/
x-lat: lhrpug002:0:472
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7091551555055579734
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2273
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gAddH0zOQoenBoAdk9nPrA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

52ms
14ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:22 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=62423
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 27 Oct 2021 20:40:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2273
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567f6178-c576-4400-a3e2-98085eefcd6e

0
260 B

103ms
10ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567f6178-c576-4400-a3e2-98085eefcd6e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 27 Oct 2021 03:20:22 GMT
Server: MT3 4044 0c7f252 master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=567f6178-c576-4400-a3e2-98085eefcd6e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 27 Oct 2021 03:20:21 GMT

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/ Frame 2273
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=80075D1F-4CCE-4287-A706-801D93D9CFAC
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=93661f191c6d732e

62 B
304 B

198ms
166ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=93661f191c6d732e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 03:20:22 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=93661f191c6d732e
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2273
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODAwNzVEMUYtNENDRS00Mjg3LUE3MDYtODAxRDkzRDlDRkFD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
340 B

117ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:518
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2273
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOr3hNIHPPfN2xRMU9b3SNI&google_cver=1

42 B
362 B

117ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOr3hNIHPPfN2xRMU9b3SNI&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:430
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOr3hNIHPPfN2xRMU9b3SNI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2273 43 B
610 B 129ms
14ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 26 Oct 2021 03:20:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2273
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:567f6178-c576-4400-a3e2-98085eefcd6e&gdpr=0&gdpr_consent=

42 B
341 B

116ms
23ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:567f6178-c576-4400-a3e2-98085eefcd6e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:398
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 27 Oct 2021 03:20:22 GMT
Server: MT3 4044 0c7f252 master cdg-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:567f6178-c576-4400-a3e2-98085eefcd6e&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 27 Oct 2021 03:20:21 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2273
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2154403817951648499

42 B
542 B

115ms
22ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2154403817951648499
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:297
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:22 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2154403817951648499
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 2273 0
128 B 25ms
13ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158460&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:20:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 dc_oe=ChMIxZboltHp8wIV1ot3Ch3PmQsAEAAYACDy6PZJQhMIkqi7ltHp8wIVsRWLCh1fOwx9;met=1;&timestamp=1635304830640;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 48BB 42 B
173 B 76ms
75ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxZboltHp8wIV1ot3Ch3PmQsAEAAYACDy6PZJQhMIkqi7ltHp8wIVsRWLCh1fOwx9;met=1;&timestamp=1635304830640;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIjPXlltHp8wIV4dYRCB07wAE8EAAYACDy6PZJQhMI0Zi7ltHp8wIVpaN3Ch29bgmS;met=1;&timestamp=1635304830676;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0E18 42 B
107 B 61ms
34ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjPXlltHp8wIV4dYRCB07wAE8EAAYACDy6PZJQhMI0Zi7ltHp8wIVpaN3Ch29bgmS;met=1;&timestamp=1635304830676;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:20:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ko.dll-files.com/	1970-01-19 22:15:08	Name: pg_session_depth Value: 1
ko.dll-files.com/	1969-12-31 23:59:59	Name: pg_geo Value: {"country":"DE","region":"HE","ip":"216.131.114.37"}
ko.dll-files.com/	1970-01-19 22:58:16	Name: pg_custom_timeout Value:
ko.dll-files.com/	1970-01-19 22:58:16	Name: pg_ip Value: 216.131.114.37
.dll-files.com/	1970-01-20 15:46:16	Name: _ga Value: GA1.2.373602523.1635304817
.dll-files.com/	1970-01-19 22:16:31	Name: _gid Value: GA1.2.1552788102.1635304817
.dll-files.com/	1970-01-19 22:15:04	Name: _gat Value: 1
ko.dll-files.com/	1970-01-19 22:58:16	Name: pg_beacon Value: 1
ko.dll-files.com/	1970-01-20 07:00:40	Name: pg_mm2_cookie_a Value: d00fc3e2-b280-4730-926a-3b6e27b6a884
ko.dll-files.com/	1970-01-19 22:15:08	Name: pg_session_id Value: 5f1186c2-364e-4c92-8861-f8a49c6be15c
ko.dll-files.com/	1970-01-19 22:16:31	Name: pg_tc Value: not-sampled
ko.dll-files.com/	1969-12-31 23:59:59	Name: pg_canonical_session Value: aa43f2b161ab3d8a5e2b0b8d836642bd
.dll-files.com/	1970-01-20 07:36:40	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1635304816975],null]
.openx.net/	1970-01-20 07:00:40	Name: i Value: 7f334ee2-4358-4cf8-85e7-4a70fd8c01ce\|1635304817
.dll-files.com/	1970-01-19 22:15:04	Name: _gat_gtag_UA_190292_2 Value: 1
.adnxs.com/	1970-01-20 00:24:40	Name: icu Value: ChgI9p9dEAoYASABKAEw8YrjiwY4AUABSAEQ8YrjiwYYAA..
.adnxs.com/	1970-01-20 00:24:40	Name: uuid2 Value: 5157753868864802999
.dll-files.com/	1970-01-20 07:00:40	Name: FCNEC Value: [["AKsRol_MhLg1Y5UPBUIW7hGjXrk9wXkSgE-gJI7AX-O3Qe5TUyrPbpOFSCbFj6B5teb63BGwmxdRL_eCR4E_GgKaSLWbgjiK9JuvgOoIdLCMvL5ZHQLUrdsmv50ewviRcayGWwPX3wg9WXA6kKi65klyvoZvd9KnNg=="]]
ko.dll-files.com/	1969-12-31 23:59:59	Name: pg_analytics Value: disabled
.dll-files.com/	1970-01-20 07:36:40	Name: __gads Value: ID=e40777e93f21b780-220a082f00cb0059:T=1635304818:S=ALNI_MYQQhTqAjNqeN8AJOyFjvwg1_-FjQ
.doubleclick.net/	1970-01-20 15:46:16	Name: IDE Value: AHWqTUmPxlIrou31epwXLSJqzrqTXakfVaiqC-T2WqRP74YaHUpdZ_zpiYKbN0Tg8qU
.casalemedia.com/	1970-01-20 00:24:40	Name: CMPS Value: 5209
.casalemedia.com/	1970-01-20 00:24:40	Name: CMPRO Value: 1119
.casalemedia.com/	1970-01-19 22:16:31	Name: CMST Value: YXjFdGF4xXQA
.casalemedia.com/	1970-01-20 07:00:40	Name: CMRUM3 Value: 2d6178c5742760CAESECIK_RWTzbgD28mAPUEjQf8
.adnxs.com/	1970-01-20 00:24:40	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il_qIXW=!]tbPl1M>e)ZlrFUfJ+tGXxo7II(D>IStPNa>t[LAct%DT$<Qa[8.g(f8*TI%nugO%v4VB%nmq])z3jP
.casalemedia.com/	1970-01-20 07:00:40	Name: CMID Value: YXjFcyHwHfAkN51r4NSYLwAA
.doubleclick.net/	1970-01-19 22:15:08	Name: DSID Value: NO_DATA
.openx.net/	1970-01-19 22:36:40	Name: pd Value: v2\|1635304822\|mOgeginskin0vNomiygu
.quantserve.com/	1970-01-20 00:24:40	Name: d Value: EOQBDAHKJIqsMA
.quantserve.com/	1970-01-20 07:45:19	Name: mc Value: 6178c576-730d2-818f7-f336e
.bidswitch.net/	1970-01-20 07:00:40	Name: tuuid Value: e2a203ee-fb30-4724-9db7-d7e76d77678a
.bidswitch.net/	1970-01-20 07:00:40	Name: c Value: 1635304822
.bidswitch.net/	1970-01-20 07:00:40	Name: tuuid_lu Value: 1635304822
.w55c.net/	1970-01-20 07:45:19	Name: wfivefivec Value: 7v3Fg7dS1MFzue5
.mathtag.com/	1970-01-20 07:41:00	Name: uuid Value: 567f6178-c576-4400-a3e2-98085eefcd6e
.adform.net/	1970-01-19 22:59:43	Name: C Value: 1
.w55c.net/	1970-01-19 22:58:16	Name: matchopenx Value: 5
.adform.net/	1970-01-19 23:41:28	Name: uid Value: 2154403817951648499
.pubmatic.com/	1970-01-20 00:24:40	Name: KADUSERCOOKIE Value: 80075D1F-4CCE-4287-A706-801D93D9CFAC
.pubmatic.com/	1970-01-20 00:24:40	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 22:16:31	Name: pi Value: 158460:2
.pubmatic.com/	1970-01-20 00:24:40	Name: DPSync3 Value: 1636502400%3A201_197_219%7C1635379200%3A174
.pubmatic.com/	1970-01-20 00:24:40	Name: SyncRTB3 Value: 1636502400%3A21_13_161_7_56_220
.bidr.io/	1970-01-20 07:43:38	Name: bito Value: AAL4d07C8YsAADWIGy3KTA
.bidr.io/	1970-01-20 07:43:38	Name: bitoIsSecure Value: ok
.simpli.fi/	1970-01-20 07:02:07	Name: suid Value: C6D7A79FC885410F80BB27B73772B2F0
.onaudience.com/	1970-01-20 07:00:40	Name: cookie Value: 52e728da67e02952
.onaudience.com/	1970-01-19 22:16:31	Name: done_redirects109 Value: 1
.de17a.com/	1970-01-20 06:53:28	Name: guid2 Value: 1.7091551555055579734
.pubmatic.com/	1970-01-19 22:58:16	Name: KRTBCOOKIE_391 Value: 22924-2154403817951648499&KRTB&23263-2154403817951648499
.pubmatic.com/	1970-01-19 22:58:16	Name: PugT Value: 1635304822
.pubmatic.com/	1970-01-20 00:24:40	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 22:58:16	Name: KRTBCOOKIE_27 Value: 16735-uid:567f6178-c576-4400-a3e2-98085eefcd6e&KRTB&16736-uid:567f6178-c576-4400-a3e2-98085eefcd6e&KRTB&23019-uid:567f6178-c576-4400-a3e2-98085eefcd6e&KRTB&23114-uid:567f6178-c576-4400-a3e2-98085eefcd6e
.pubmatic.com/	1970-01-19 22:58:16	Name: KRTBCOOKIE_80 Value: 22987-CAESEOr3hNIHPPfN2xRMU9b3SNI&KRTB&16514-CAESEOr3hNIHPPfN2xRMU9b3SNI&KRTB&23025-CAESEOr3hNIHPPfN2xRMU9b3SNI
.mfadsrvr.com/	1970-01-20 15:46:16	Name: tuuid Value: b015d601-6e53-4659-9c17-45d7bc0506e9
.mfadsrvr.com/	1970-01-20 15:46:16	Name: c Value: 1635304822
.mfadsrvr.com/	1970-01-20 15:46:16	Name: tuuid_lu Value: 1635304822
.pubmatic.com/	1970-01-19 22:58:16	Name: KRTBCOOKIE_336 Value: 5844-7091551555055579734
.mfadsrvr.com/	1970-01-20 15:46:16	Name: ssh Value: !bidswitch,1635304822
.mfadsrvr.com/	1970-01-20 15:46:16	Name: bsw_uid Value: e2a203ee-fb30-4724-9db7-d7e76d77678a
.pubmatic.com/	1970-01-19 22:58:16	Name: KRTBCOOKIE_699 Value: 22727-AAL4d07C8YsAADWIGy3KTA
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: c93411efc3966026
.pubmatic.com/	1970-01-19 22:58:16	Name: SPugT Value: 1635304823

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://m2d.m2.ai/pg.dll-files.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://m2d.m2.ai/pg.dll-files.js Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3140028837434899912/null Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3.pubguru.net
acdn.adnxs.com
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
bh.contextweb.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.pubguru.com
cm.g.doubleclick.net
connect.facebook.net
d5p.de17a.com
dsum-sec.casalemedia.com
eu-u.openx.net
f28107ccad4bb0997a9ab54eb5209214.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ko.dll-files.com
m2d.m2.ai
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
monetizemore-d.openx.net
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
stats.g.doubleclick.net
sync.mathtag.com
tags.bluekai.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
hbopenbid.pubmatic.com
104.111.215.191
104.18.11.207
142.250.181.230
142.250.181.234
142.250.184.193
142.250.184.194
142.250.184.226
142.250.185.130
142.250.185.163
142.250.185.226
142.250.185.234
142.250.185.67
142.250.185.98
142.250.186.162
142.250.186.46
142.250.186.65
142.250.186.68
142.250.186.78
151.101.1.108
157.240.20.19
157.240.20.35
159.253.128.183
172.217.23.104
18.184.28.154
18.194.49.170
18.195.217.206
185.29.134.244
185.33.221.53
185.33.223.178
185.64.190.80
185.86.138.144
198.148.27.139
198.47.127.19
198.47.127.20
2.18.233.180
2.18.234.21
213.155.156.185
35.244.159.8
37.157.6.252
51.210.112.63
52.215.68.151
52.222.149.104
52.222.149.118
52.223.40.198
52.28.203.152
52.57.110.162
72.251.249.13
74.125.133.157
89.187.169.47
91.228.74.133
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
005f45b85282d6c744e169cc36f5a35497792f6d0caebcaec4b1ae387155926c
014f58b5df35da5943b1a6d36f0d3e24018d5cbbcfdbaa80e27875cb25a660bd
053ad0355d63858b14d65fed9e21717b99217131edb7027eeef36767ab9e53e3
0607cce8c288e16836f677b9a734afcd1f2f12970e05b9e6aac785774e7e5c43
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b154e361ce5d3aa71655dfe801e5c7af7ce43b12ba072d1e76be7db5b1c24b0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b950159f34a3d705f6ce23fd8a9dd78e55deb9844e36b850395f77b0c511874
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0d592a2c714c3f3618b107d0768209944aee95db110bf2858eb6a2789e6b1490
0d69d2e898ca79f657bfc06ad0106b96a849e3a3899301964f3de6241f83fd60
0feedb1a3366a367c43c26c617661337810a1355bdb34e486bdd691cdd5b5ecb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12533fea2f3a528c42ee8846dbbb3dea967f6ce50bef9af7f3179958a4656285
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1aeb294d661bf321d8ae67a118d749cdedfdb999e10571e135eaf8af493935a2
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1babee1f49027a158bcb6c77fd5785ff2b72796cc8a717bc32f5af3367cfd334
1eda347602de8e583fc1bd8ed96d863d87edd05e398bdebd52aadd7f1bfd4387
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
22c843879e5e4f704846fd2af7cd254a62abbc94099bfa28870a79647f39a1ac
23322d94c1db936f1cd45603a4a8f667c4cfdb77d9ef52d4f835c22e78933bdb
2337b4fa262d291f8f064d613397ac02063c15cf13d45569cd2e0afbb6e7c5ca
234c3a2fcf85b10065ae938136365e10702c991f1dc852fa928884bdfe9b331e
24322188927a35ee6398f1d8199d71e323590925d154a1fb3b4bdf76aea88a2d
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2875c1c323c183443388055f7dd369f70bf34ca42e2f3388530738c8d45d7d50
2ce10ba8ad08f88ba7fa6bc6908b5a19a0e3f6a83fc3a9603f4b94d7d9cbfe79
2ce56d0c7087d4196a93b3363b4e55eed688ae0d1f306ce852c65d816c9a38a0
2f4fe1dc13f9d98546fef63ee21e93ec60031faad7fe301c5fddc3de87efe8d3
309f0b1eb8d0d24b93cbfa3e0dd883456380eed6ae868ccdb8d5a802efbde8f2
3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d
32a3275fde2224a33c1bdbdbdb9252586211f44be92748d6c48408c1e3f9af00
33d8abaa691e388affd4e117c634123f1bcc6f3712fa8c4eb1daa725c9d17f64
42402368fae33a2a243eb91c7b00bde283ee2ef0643d5c49463de4fb5fda00a9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45775e8b103c82c38512df6d94bb1d61d9e51f7240ac933bb9f257fcefc8f53c
46105eef1f302df8fb9084af45e7840ecf3a3e30d78d115f2bdc1ef490f1ee48
46bcb67f75d20cbbb556256ed5af2d9ab3886f671e34b284dc98107707c85b34
484330641cece9095f3707196632874e81ef5f5af7f98755f1c2332f996917d5
48a3bf407a19e98f1588e30f94f010494230712f8de646a64419a9fe6e7b76d7
48d9344bc507c57d11f44f5585cb15e33f937b24e88ccf40aec901ff1c153ef6
4991e87727ddabbde4d293a7fd4e6ed4975d745d8d818111f0bfc75d131d35ff
49bf74092519230222c54861f904556e19e3f4cb715fc3c60ad7e378822ac967
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef68d1de5ac433f972d742aff90bc5e52d894ffeae52853f2231105b358cfed
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52a49f005ef8ebbce5ac9c8fa870a81f202e535af135e26a4e5571696d93eefb
52a543e521fc5dadacf0d3be4c3848a66bbb5944298a4c8b9249a2004c3fe4c9
5376989374c43d7ab1ce09aeeb7c9f95de7c28f81c148ee0a05048e8d58480bf
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
581b1bbe5fa490c9c496e65c005738bcaf80acd355453bbe45901e5c91e28b61
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
600574f49d53a1ac4a023cd2f5412084180ab69948bcd19d22f51f7e2b1aaa84
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6296096cd82bda88d7fced71164e3339e5d6e6b01aeecf6e527bb722ce8b05fb
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
69529e67f23b6701dae03440cfeea5c46d1bb58c92882a5bec8c2d024905d2cb
705f8cdc15c1fd8b6ad8780a5a4a4db7bb659ac4c1d2f290fb5be77e3859f86b
712fcfc2b1e8ce61c980676d7775d39a5a778694d717e1d3576f6b41dd133e3a
725ad7a9eb8d6e77c47cd2eac70a8953f159c5eaa1edecfaff754ef116327ea2
749bbb89f00fb9c1167551edf62cc7272dcff58df4c9ff1410db8df7da5b49be
75102b36e4a9ed753c8281016c79cf19cbeec12e68cf0d6e06106243b11b1ac5
75c3e03ca08b72a46a69ea073a04e52f632dfe147e286a5fdde21919706a180e
79adcdf56a799f7680655f143283b71473dcad7bcdce8905d61524dab4d7860a
7db0f5798491f765b194138be25843a2c8f20c98de241887c1881ef641901fdc
7e81d66a1058921a1c677c86138f3021cf51b9a864965b3fc1072cec21df18fd
81d017f72b27d1f13744e89003bc5178e273b0e6d1553110eef7e0046dc8dd36
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ad3a32f24cac32c08a09d4f3bf8080631b9e6b5de2918e39f0450e39f6f201
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a4d0cf7b4b7d0c66f12c688b7a36189b43579094b1e95b603b16cca9dc6d3ad
8b2cb234df348525b8615d22d789825e8ad22919f489e414ade43f79697d092a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
915df7ffaf5d69658bfdec4822c449ce919d900111984326656cf54d4175ff3a
9560586a1c5a1aba86dde20bc12574ab62db38fc7533431e2b77f2b5cc9685b0
96ccead8047bb79d9dba0929b5da5681898d8263246e03c017fb11137fa3af74
99b6492ba8d5acbc87c2c76bf8496193850cdf053e173b26348e695adab47601
9b379e0c49701c97be36f0d01590077681ed9c6db123bb8c241d178bb107b12c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a44e84c7e6bafc8fdfc20e2771452a36a92d930906eec2d2e24b4a3b7456228b
a47498970be7305fdbc8a3363818528d0c848f7bf897e1cae343e2b0b2105dbc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a577426e96390328853da2d33e73fefcaf5ae69da192d6dcd0596c93a9fc3edc
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa4817d3d47ac340bbee3ce71a13e731abd2747765153dc3253db4ef1e302213
ab0a6fc2283951e1cf634e802afa52433168a31257f4d6cd60c9cecfcc44621c
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad8b12962ae8e7b1e5a90d30d5daf381777909bcc20b06faa9d148b888f6cc8b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af07093adcff6256f040007235c05bc6cb1bd3b5a358d1161b204cdff4c5e250
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b183664c34910ad5ad572324ded9f80e3fd51f0647eca7d5fb358be4a4dfe086
b214133aa4cf062eefa27c1f8cc2cb1632bddf5dc0bc3f40371efffc3d034f19
b5f3ac468ccf607ed91ab2ab7ab75ac7627237f7a69ffb074b2e1ad09285fb6e
b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92
bc469fbf5caccce7feaaa71bf2129911b2a5f9141fb6184994189da67fa10d34
bcadbd20bbc17ddc1f681c4e013b5f956b5f195e7a7915e6d74f92c842a5ac54
bd02a29f6b810c1386e2f9c01d703fe117027b5f6336b1744c61b45c4ffc14a1
c0883c1890ab05ed72947d4de52617cd5580601e2d8956c975cd5e040cdc2683
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c71e30a9addf7eb0947de98343c9d8771ce93401488799d2f63758c031a7c998
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d631b234d1b0781eb430f495bbc8594bbdeeebc050cf0ddbfc3f515cd0544d23
d6429f0abcbb2415b637b01fe5821136c6af9c50076f053f5aa08694171eef33
d6693e4b2de3384a7fcdc6c414a765ffd223f2b3c4d81bc4edc53931aa3be3e0
d707b7a49b2f9bfa654c7b2d010b989614ceaf4700b0e561a36e392a8f8dda38
dbae8be395eaf65bffda6bb03402a2422fb672157eb9f96af9ef3d7d5a9815dc
dc9b0e1cf29202cf1ac306fcce63e44cff0a125c17af53cff302cdb0e5554c34
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
ddde94bebf0af43a6253664d2099c9b4cce48cf7640aae6fbfa2aa900d25a280
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ec156a4b9e5a7083af2cfdcee5409a72f6f773243a56f4153cadcb7a80aeef7c
ee452bd87db6b26bfc4c62324b0d46ec3d9dcb79f39fbf2591c7e142dc131594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53807224b11e5434f51edfce1553687b561c75c25b5f73d8b005d24b44dafe
ef6a2186f920e43392336f5191c5e5a2b6e3f4f03cdad4f0f2479bfa746a86eb
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f01b05491239ee65d72ef65afb5a3e975070f93abc6a49921d812242bfde92c3
f160c4fc12975c4e00c4d860c8e5345f949befe3802335782b39fd0a383add3a
f22c2be09a3719ea414b89a5fd13c7b67cc16808ec73506080dc7992c4ea9ad2
f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96
f2bdadd1963eb8d4fc6f6827cb11b7d503e527813f5947b3a81397d50b753ee9
f2d2e8ff2f876f8cf2f00dccf5a777aa252d26e428ba6bff6bb47b8c89f476df
f384206ca24c6605dc233f95d8cbbcd02c0290d25e6bc729b0c7abe39e36d0ab
f6e965c81b8ff30a1401f77edf361e710ae5e1ae08283442309b00648c0a5037
f90bfabb6f3f89c4e5a2c9dcdf737af96a12aa4dba7adda30dfaa0a7493e4b96
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
ff65e4d45fe2e30dbc938c96aca1e20eecc8afa8bb20b5c7605ecb6e1d753053
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

ko.dll-files.com Open in urlscan Pro 89.187.169.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

202 Requests

99 %HTTPS

0 %IPv6

36 Domains

57 Subdomains

42 IPs

8 Countries

2177 kBTransfer

5983 kBSize

64 Cookies

10 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 63 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ko.dll-files.com Open in urlscan Pro
89.187.169.47 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

99 %
HTTPS

0 %
IPv6

36
Domains

57
Subdomains

42
IPs

8
Countries

2177 kB
Transfer

5983 kB
Size

64
Cookies

202 HTTP transactions
63 data transactions