winkgo.com Open in urlscan Pro
2606:4700::6813:9b5c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winkgo.com/
Effective URL:
https://winkgo.com/
Submission: On November 23 via manual (November 23rd 2021, 5:57:43 pm UTC) from US — Scanned from DE

Summary HTTP 524 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 69 IPs in 7 countries across 55 domains to perform 524 HTTP transactions. The main IP is 2606:4700::6813:9b5c, located in United States and belongs to CLOUDFLARENET, US. The main domain is winkgo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2021. Valid for: a year.

This is the only time winkgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 55	2606:4700::68... 2606:4700::6813:9b5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1901:0:3... 2600:1901:0:333a::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.213.35 52.222.213.35	16509 (AMAZON-02) (AMAZON-02)
1	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
2	2a02:26f0:6c0... 2a02:26f0:6c00:291::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.233.22.207 34.233.22.207	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.99.88 13.32.99.88	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	52.222.214.22 52.222.214.22	16509 (AMAZON-02) (AMAZON-02)
1	2a01:7e01:1::... 2a01:7e01:1::ac69:92e7	63949 (LINODE-AP...) (LINODE-AP Linode)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.112.32 18.66.112.32	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.29 18.66.112.29	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.35 52.222.214.35	16509 (AMAZON-02) (AMAZON-02)
10	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
6 19	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
15	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	18.66.139.91 18.66.139.91	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.114 18.66.139.114	16509 (AMAZON-02) (AMAZON-02)
18	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
3	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
7	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 17	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
17	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
11	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
7	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
7	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
7	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
7	52.22.182.4 52.22.182.4	14618 (AMAZON-AES) (AMAZON-AES)
7	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	34.254.8.42 34.254.8.42	16509 (AMAZON-02) (AMAZON-02)
7	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
10	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
7	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
9	18.185.195.105 18.185.195.105	16509 (AMAZON-02) (AMAZON-02)
1 1	184.30.24.193 184.30.24.193	16625 (AKAMAI-AS) (AKAMAI-AS)
4	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	34.249.15.20 34.249.15.20	16509 (AMAZON-02) (AMAZON-02)
32	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	18.194.83.218 18.194.83.218	16509 (AMAZON-02) (AMAZON-02)
44	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
17 31	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	213.254.244.11 213.254.244.11	() ()
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	() ()
1 1	185.29.134.248 185.29.134.248	() ()
1	66.155.71.25 66.155.71.25	() ()
2 2	37.157.4.29 37.157.4.29	() ()
2 2	35.227.252.103 35.227.252.103	() ()
5	54.93.158.246 54.93.158.246	() ()
1 2	52.18.126.50 52.18.126.50	() ()
2	104.111.242.245 104.111.242.245	() ()
4	92.123.225.41 92.123.225.41	() ()
3	2600:9000:215... 2600:9000:2156:400:8:48e:53c0:93a1	() ()
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	() ()
1 1	35.186.193.173 35.186.193.173	() ()
1 1	35.190.0.66 35.190.0.66	() ()
2 2	72.251.244.140 72.251.244.140	() ()
2 2	185.64.190.78 185.64.190.78	() ()
3	104.244.36.20 104.244.36.20	() ()
524	69

55 2606:4700::6813:9b5c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

winkgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:333a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.213.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-213-35.fra56.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:291::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.233.22.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-22-207.compute-1.amazonaws.com

www.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-88.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-22.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:7e01:1::ac69:92e7 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)

ipwatch.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.29 (United States)

ASN16509 (AMAZON-02, US)

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-35.fra56.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.91 (United States)

ASN16509 (AMAZON-02, US)

img4.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.114 (United States)

ASN16509 (AMAZON-02, US)

img1.zergnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.141.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.33.221.89 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

bloggernetwork-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.22.182.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-182-4.compute-1.amazonaws.com

display.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.254.8.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.185.195.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.193 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com

www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.15.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.194.83.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.185.162 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.11 (None, )

ASN- ()

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20519.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.29 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (None, ) 2 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.93.158.246 (None, )

ASN- ()

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.126.50 (None, ) 1 redirects

ASN- ()

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (None, )

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.123.225.41 (None, )

ASN- ()

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:400:8:48e:53c0:93a1 (None, )

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, ) 1 redirects

ASN- ()

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (None, ) 1 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.140 (None, ) 2 redirects

ASN- ()

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.36.20 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com pagead2.googlesyndication.com 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com tpc.googlesyndication.com	496 KB
67	doubleclick.net 17 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	381 KB
55	winkgo.com 1 redirects winkgo.com	743 KB
44	2mdn.net s0.2mdn.net	668 KB
24	casalemedia.com 6 redirects as-sec.casalemedia.com htlb.casalemedia.com dsum-sec.casalemedia.com	17 KB
22	monu.delivery monu.delivery ipwatch.monu.delivery imps.monu.delivery	155 KB
17	yahoo.com c2shb.ssp.yahoo.com	2 KB
17	adnxs.com 5 redirects ib.adnxs.com	25 KB
13	openx.net 2 redirects bloggernetwork-d.openx.net rtb.openx.net us-u.openx.net u.openx.net	2 KB
11	amazon-adsystem.com z-na.amazon-adsystem.com c.amazon-adsystem.com	50 KB
10	google.com adservice.google.com www.google.com	2 KB
10	lijit.com ap.lijit.com	5 KB
9	serving-sys.com bs.serving-sys.com secure-ds.serving-sys.com lm.serving-sys.com Failed	231 KB
9	sharethrough.com btlr.sharethrough.com	982 B
9	pubmatic.com 2 redirects hbopenbid.pubmatic.com image6.pubmatic.com ads.pubmatic.com Failed	2 KB
8	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	96 KB
8	googletagservices.com www.googletagservices.com	291 KB
7	clarium.io protected-by.clarium.io	2 KB
7	a-mo.net prebid.a-mo.net	304 B
7	emxdgt.com hb.emxdgt.com	1 KB
7	yieldmo.com ads.yieldmo.com	2 KB
7	bfmio.com display.bfmio.com sync.bfmio.com Failed	4 KB
7	33across.com ssc.33across.com ssc-cms.33across.com Failed	1 KB
7	media.net prebid.media.net contextual.media.net Failed	5 KB
7	serverbid.com e.serverbid.com sync.serverbid.com Failed	7 KB
7	districtm.io dmx.districtm.io cdn.districtm.io Failed	518 B
5	google.de adservice.google.de	1 KB
5	zergnet.com www.zergnet.com img4.zergnet.com img1.zergnet.com	82 KB
4	doubleverify.com cdn.doubleverify.com rtb0.doubleverify.com tps20519.doubleverify.com	22 KB
4	pinterest.de www.pinterest.de	14 KB
4	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	2 KB
4	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com signal-beacon.s-onetag.com	18 KB
3	gumgum.com js.gumgum.com g2.gumgum.com	40 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	teads.tv sync.teads.tv	344 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	indexww.com js-sec.indexww.com	13 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	138 KB
2	rlcdn.com ats.rlcdn.com api.rlcdn.com	61 KB
2	facebook.net connect.facebook.net	85 KB
2	pinimg.com s.pinimg.com	19 KB
1	travelaudience.com 1 redirects ads.travelaudience.com	522 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	511 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	mathtag.com 1 redirects sync.mathtag.com	864 B
1	quantserve.com cms.quantserve.com	463 B
1	privacymanager.io geo.privacymanager.io	595 B
1	adsrvr.org match.adsrvr.org	540 B
1	geolocation-db.com geolocation-db.com	278 B
1	udmserve.net udmserve.net
1	googletagmanager.com www.googletagmanager.com	36 KB
0	brealtime.com Failed biddr.brealtime.com Failed
0	netmng.com Failed google2waycm.netmng.com Failed
524	55

	Domain	Requested by
55	winkgo.com	1 redirects winkgo.com s.pinimg.com
44	s0.2mdn.net	winkgo.com s0.2mdn.net 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
36	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com winkgo.com www.googletagservices.com
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com winkgo.com
31	cm.g.doubleclick.net	17 redirects googleads.g.doubleclick.net 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
18	imps.monu.delivery	winkgo.com
17	c2shb.ssp.yahoo.com	monu.delivery
17	ib.adnxs.com	5 redirects monu.delivery googleads.g.doubleclick.net
16	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
15	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net winkgo.com www.googletagservices.com
12	googleads.g.doubleclick.net	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com winkgo.com
10	ap.lijit.com	monu.delivery
10	c.amazon-adsystem.com	monu.delivery c.amazon-adsystem.com
9	btlr.sharethrough.com	monu.delivery
8	googleads4.g.doubleclick.net	winkgo.com googleads.g.doubleclick.net
8	www.googletagservices.com	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com winkgo.com
7	protected-by.clarium.io	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com winkgo.com
7	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
7	prebid.a-mo.net	monu.delivery
7	hb.emxdgt.com	monu.delivery
7	ads.yieldmo.com	monu.delivery
7	hbopenbid.pubmatic.com	monu.delivery
7	display.bfmio.com	monu.delivery
7	ssc.33across.com	monu.delivery
7	htlb.casalemedia.com	monu.delivery
7	prebid.media.net	monu.delivery
7	e.serverbid.com	monu.delivery
7	bloggernetwork-d.openx.net	monu.delivery
7	dmx.districtm.io	monu.delivery
5	bs.serving-sys.com	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com secure-ds.serving-sys.com
5	www.google.com	tpc.googlesyndication.com winkgo.com 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
4	secure-ds.serving-sys.com	winkgo.com 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
4	www.pinterest.de	s.pinimg.com winkgo.com
3	dt.adsafeprotected.com
3	static.adsafeprotected.com	winkgo.com 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
3	ct.pinterest.com	s.pinimg.com winkgo.com
3	monu.delivery	winkgo.com monu.delivery
2	u.openx.net	monu.delivery
2	image6.pubmatic.com	2 redirects
2	tracking.m6r.eu	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	1 redirects 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
2	rtb.openx.net	2 redirects
2	c1.adform.net	2 redirects
2	cdn.doubleverify.com	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com winkgo.com
2	g2.gumgum.com	monu.delivery js.gumgum.com
2	img4.zergnet.com	winkgo.com
2	js-sec.indexww.com	monu.delivery
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	confiant-integrations.global.ssl.fastly.net	monu.delivery confiant-integrations.global.ssl.fastly.net
2	connect.facebook.net	winkgo.com connect.facebook.net
2	www.zergnet.com	winkgo.com www.zergnet.com
2	s.pinimg.com	winkgo.com s.pinimg.com
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	dclk-match.dotomi.com	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
1	tps20519.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	winkgo.com
1	www.pinterest.com	1 redirects
1	geo.privacymanager.io	ats.rlcdn.com
1	img1.zergnet.com	winkgo.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.rlcdn.com	js-sec.indexww.com monu.delivery
1	match.adsrvr.org	js-sec.indexww.com monu.delivery
1	js.gumgum.com	monu.delivery
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	geolocation-db.com	winkgo.com
1	ipwatch.monu.delivery	monu.delivery
1	get.s-onetag.com	monu.delivery
1	ats.rlcdn.com	monu.delivery
1	udmserve.net	winkgo.com
1	z-na.amazon-adsystem.com	winkgo.com
1	www.googletagmanager.com	winkgo.com
0	biddr.brealtime.com Failed	monu.delivery
0	sync.serverbid.com Failed	monu.delivery
0	contextual.media.net Failed	monu.delivery
0	cdn.districtm.io Failed	monu.delivery
0	ads.pubmatic.com Failed	monu.delivery
0	sync.bfmio.com Failed	monu.delivery
0	ssc-cms.33across.com Failed	monu.delivery
0	lm.serving-sys.com Failed	secure-ds.serving-sys.com
0	google2waycm.netmng.com Failed	7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
524	90

This site contains links to these domains. Also see Links.

Domain
www.pinterest.com
www.facebook.com
twitter.com
www.youtube.com
www.zergnet.com

Subject Issuer	Validity	Valid
winkgo.com Cloudflare Inc ECC CA-3	`2021-05-11` - `2022-05-10`	a year	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
z-na.amazon-adsystem.com Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
udmserve.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.zergnet.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-02` - `2021-12-01`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
geolocation-db.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.gumgum.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
imps.monu.delivery GTS CA 1D4	`2021-10-20` - `2022-01-18`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
e.serverbid.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.bfmio.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.a-mo.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-04-28` - `2022-05-03`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh

This page contains 66 frames:

Primary Page: https://winkgo.com/
Frame ID: 2DF21B7A2EDD6C4DAFC9D941E6A1AE52
Requests: 262 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 89B15AEAB3B69271E0A50BC746309650
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 7843CE803E8FB0504983746A29AA2071
Requests: 4 HTTP requests in this frame

Frame: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58CA861EA1B0EE737CAEFC82BF98303B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 17754B7EE69946B84609636D693E3068
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B52C95A110682C3204EA1F5DF303D5A4
Requests: 2 HTTP requests in this frame

Frame: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BD1129DF592888E529F2826BCBD703DE
Requests: 14 HTTP requests in this frame

Frame: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 76487FACA754677B0B67B6EF95AD5664
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYn-KUuwEwAQ&v=APEucNXA0vJglp_SG7PaRUL7ymdKQN44J55mKAPvImyd0wqt16cd3VKD8mW4bePneWQ7A_Nxp8io5wgsXOj3OQcNBdmExf_IMkVkia7oywAlqjELRuQ0cb87_JXO_tR2Awmg-RFYr0zpor5y0IY7s6dAsZa1WnxkhySSLBRq21VLz2YTJ2lRBPU
Frame ID: 5A525B1D596592DEB5287FBC66074841
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNU1018MTcNy7JHTx4iau9yUvGUJb0RDP8rT4XEOFUf_Jc6OPPJnkS3xMsupO6u0tOTGhFjkDa_eqjwG2vi5KjMBT1JqdvLBnD4JKwQ4AjLPKLkc4MO6gD15ppoKLqX1926OLyw-5odgEqKJ_WPxOo33IsX6vsRpb7YXhu7Yg240kzs8VFg
Frame ID: 9314AFB0995F40098825BE6B17005720
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkq63U8aZTpi94M4-vJQxpXssYy2xhym0dnMp7QEI1UIKERCSS33tVntGM3u1qWi3Pa3CSjx4TUi5QiDjtTQrxAiLXYtKunZaKvljznJ0NZDqiw9uCltrLriMEjJRoU-EIqU4M-rLst8Q6h4nzL98K4oU_2o8oTeM42lE_l_s649fiJwBUsIYcjUkZicNFK_AHlPO-puVgJ_2tbIVytiukvXYBMWxkfZ_Ihtt2ifFyJe5LhcFV3wWUP7To5YM8KDpw3gNZvIKO2YJLvpJdSgEC0o9c6IDF1qRzJtXGHFEeAByXdnOoxcyQInCh4KYXntATi5YAutW4KA&sai=AMfl-YTgaUls3Ny1HCOlXQufCvi1gBmYjst8ZaPKYi4xe49WBw2IiJ-vu1ibJkkkkHtjeYgQ_Bvwptm-ZfT8AbsQkdd9hFcoasyk5G140bhruvi8zCRtd7oPNicF5L7zbAo&sig=Cg0ArKJSzGMFwzm5IHmSEAE&uach_m=[UACH]&adurl=
Frame ID: CA97627D668853BDC4B177B4A383F25A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWd4Pn3dj76kOcoJzS-59xiyxo1MlxtZg0Udbl2mmq4i2rUFGbmboCVJTkh6Q1JsKutsoFzR_l3gj7iMmWTpKyAAJq8lT36FebJtpyiM522-UCQTV5l4ZGe-eoUZ1h1S-OydmfGnD5SEpi46_8V8RTMY2JC2Y8jaYPjXaxPUZkhZ_Kmw5FNSSO6g5mhmGNoEssMtHMxHfVAY5zzc1jSVP14c-I2DIxuTYNFkBfQ25as5YXuqoNOD4PdlwolLaRv-muLgZKcMKZk9doAPGpceL5Fl0Po6p7jALY11FMPXEcEouHw7iZVq2X_q5AEZ1vb_4sqwgIhLLbhg&sai=AMfl-YQS2armSCl5ffdc71ASi9yiM2Mjc5cPpQSJudkoRSVZrhoaWC-xVdHPxQu2EWueB4NpJZCayqltFWPHWsGWK1OHr7pBMfzaBC8Eigtmo36_66OkBu2gq0Pr4mmxnps3&sig=Cg0ArKJSzEoOb9psajvdEAE&uach_m=[UACH]&adurl=
Frame ID: 18954AF5E34733FF7E7779BE4C5E656E
Requests: 8 HTTP requests in this frame

Frame: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C4D54BBBD4492BA0C1A2E773682E6C9E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWyZ1F0WkK0FXyHidP_S54Vl4fBsKVKWoWGH4nX4wLdsrXsFng7z08Ejtsv4n2I8yB23SZ-msXKylKDSWUO4V08ptGccuFYDyt25iyJSEjhg1nCNT6RzYIAOHnDzU908c9LN2sloLxFoaLLpraEOr6lwbnzQ-vnmCs6PrRkYB49ODEATkQ
Frame ID: 6B075EAB3796D5A5B0D61882314CB88F
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
Frame ID: 0B14B2E6692102B65C5A00421FFD6B1E
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
Frame ID: 2BE587E85AA9D3EC1F5C7C57E6BAF8A9
Requests: 13 HTTP requests in this frame

Frame: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 384A4A53B499824E69AB33E9A13E7618
Requests: 18 HTTP requests in this frame

Frame: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8FD17266B339C3ED2A95C4A62E55FCD0
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A8AB67CD115D6260303F0AB2B3440F6B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8A784E3C949DFD2280DE292DFE94D96C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGK6S9bABMAE&v=APEucNVWaovU8Vl44aRK3_8kH0vOJZh7cEc9D5XN1I_hyls8OUhBv7NzWtJQuOeY3KynszUikGex-_wwYe2cpAqDNtmfnR_cZjgE_uxCMVH5i0FmkuW1AskM472k4tpI3GgJWuHGgAsofbHR2tJKShj5PAcDShFDhydGquU8RHLO3Uk93v2ftks
Frame ID: 921C33C96E835885AFA83FEBD0DC615F
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
Frame ID: DDB266FC2F87F45B37C7CFCAC91DCDA2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_BxgEQq7SEAhjOq5W7ATAB&v=APEucNU6IvFjXPTzSMaeRo9_v5jmPCrG2X6_KvO2J8GzdzpxLn6SiU0hxjAl2__dsUHpgGiXpwMxR9OuOrMBY9O5ncYHDTJeA_sNvzVM8hGfOwSs-ZWbzHyC8hSiimWmjcNzvTD15z6RLoiK_A1DCYMwwnLE6WF32CkkHPTfrNLXflLqDUpJLTw
Frame ID: 423FBBFE9FD410196B1D846CDF5E9685
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6920D9FFB47E9CF1AE9D56DDAE4BC493
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3905590B59E27804FDA28A5DAF0BFB97
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AEB9BAC6989DEDAB47DFE7B80EA893C1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F0336EED281D02243B168C67F6D941C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C255B7C4FE6C635510FD06CF715F6B1D
Requests: 1 HTTP requests in this frame

Frame: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9D8B1D4AD57A013D264F2086258D6211
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShC9oWAY4ou3uAEwAQ&v=APEucNVO69Ux8z7TBIaoNLvfl0n4K8FVSsOWxKIXSmf6IWs1RjvkCy23Yup3_A1TK00skglzYsobmtqERi_6L7x3htvggKKxQTiKHOejuJm_XrJUaoCj0gF2HN4kzboM_4emyedVoQOJXF5iNaxl8AICEvJRzRsJoZvTvdItICkCBABUy6d-4M4
Frame ID: B4174F582EF7A81B878150C4958EE3C5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 82421E6025F5357ECF66C1DCE9CD0C58
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4C51793C3E2EEF3D1286B9CF666B99E0
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 7F345FF1F47D3258F5C2A9FDD9D6F17F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 7F775B2442A77CBB3F0142517F4ED488
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bT2WDOzV0r64kqaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: AB38B0302C99B50DCFFF8C4B35AF7D42
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 67268B773FFF9461640CBE4B171198B7
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690261082
Frame ID: BABF39A5253BA216E8D47B2147E7E86C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 53BBBE8705F186BE195590915211776B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 262570D4C7D6EE25F302F3E9682656A6
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260838
Frame ID: 4DFB21EA93406230925016BC8DDDBF99
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: DAE803851E65EFAAFA02260FCEF4C76B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7110FD4E319CB831FC2BBD6EA53CDFBA
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260957
Frame ID: 822910EB335257C4F023B8DAF0418250
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 0F94C43B33C3723B2E20682CEFD05285
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260835
Frame ID: D46E34E3F9A95F1BE5FC63A78A167887
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 0B60F879223FAAE9D8EA3A06E027B47D
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000033.html
Frame ID: B7D59C50B83ED06499FCDC0491539657
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 97597BD5CBE0759486B052B43FB960A5
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E819F2CA70A72AF2293139C3FD05698A
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000033.html
Frame ID: A7D2E97DD367189BEB8A9BE77487FD58
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A3497934B7EC6D1BF65C47E53779BE5C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: AE6A7C9B4C63959A6C05990567D2AD06
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260953
Frame ID: 6F7362C6575F9CF65997F9B5E2E5CB26
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1B75A62778FE947332BE9A9120A199AC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B436E3BC016F05D050685DA56D2966A4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 575F9824F9103A235E76BEC2CDE1F90D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 61D1D9F11D21367606EB5D2D4FB126F4
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13208641
Frame ID: 6865D19517DD28CE8E9036247D03A67B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4617686A4AD75AAF424275085D7A5B0F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bT2WDOzV0r64kqaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 40B82284EE84DB15797300DE64D4EA9D
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 0DA35205DC3CFEB9C9F7B95EE66D5D40
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 6BF093F2697BBDB1C92A655B1DCD7623
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 5FB335B749A3E01C21B37931803BBEA1
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000033.html
Frame ID: 6510502A08933A83E2398580F3E7D444
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: 43324F3187B4D2AE285EB20F641FE4BF
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000033.html
Frame ID: 699857C2FB85414490541F9C71E8D781
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winkgo - Inspirational Quotes, Memes, and Stories that Make You Feel Good

Page URL History Show full URLs

http://winkgo.com/ HTTP 301
https://winkgo.com/ Page URL

Page Statistics

524
Requests

87 %
HTTPS

28 %
IPv6

55
Domains

90
Subdomains

69
IPs

7
Countries

3729 kB
Transfer

8855 kB
Size

27
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pinterest.com/winkgo/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winkgocom

Search URL Search Domain Scan URL

URL: https://twitter.com/winkgo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCaq03dw9jCaiq7OUX6kxufA

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/privacy-widget
Title: by ZergNet

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6913871/87515/0/0/233710592/1

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/5654084/87515/0/0/233710592/2

Search URL Search Domain Scan URL

URL: https://www.zergnet.com/i/6832855/87515/0/0/233710592/3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winkgo.com/ HTTP 301
https://winkgo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 295

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Request Chain 297

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 302

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Request Chain 304

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 326

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Request Chain 328

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Request Chain 376

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 377

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 378

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Request Chain 379

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Request Chain 399

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 400

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

Request Chain 401

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Request Chain 402

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Request Chain 427

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMy3NcRqb3mztNef-_mrZIg&google_cver=1&google_push=AYg5qPKtFIrMIzbzi2SR1FbJ_zU09ymmGg4Dd88qwK-4rcbAY-uV5tKnJF_5IGVR24CED9EL1pR6ctiaRRbXpsUlKqngva30gowN1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKtFIrMIzbzi2SR1FbJ_zU09ymmGg4Dd88qwK-4rcbAY-uV5tKnJF_5IGVR24CED9EL1pR6ctiaRRbXpsUlKqngva30gowN1Q

Request Chain 429

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENK9ZH8taQhg9x4ckdyVZb4&google_cver=1&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTijJszWPSyH5RwFDoqVn8JYbSKhsA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENK9ZH8taQhg9x4ckdyVZb4&google_cver=1&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTijJszWPSyH5RwFDoqVn8JYbSKhsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIxNjA1NDA5ODk0MTg3MDg4OA&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTijJszWPSyH5RwFDoqVn8JYbSKhsA

Request Chain 430

https://rtb.openx.net/sync/dds?google_gid=CAESEKfKTyZsZPkOOosLwxBXgsk&google_cver=1&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2w HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEKfKTyZsZPkOOosLwxBXgsk&google_cver=1&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2w&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2w&google_hm=agM5C6DfwNUqqqJbLYk9OA==

Request Chain 431

https://onetag-sys.com/sync/i,19/?google_gid=CAESEITS6V2Bp0Yq3S-zn_-saR4&google_cver=1&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Request Chain 457

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUisUjgwrNcG-wzZnzeQ48&google_cver=1

Request Chain 459

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPacJllMs8tfIQwaCX-oy1A&google_cver=1

Request Chain 480

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAxo8dlm8lV4fIPPsVuDoKA&google_cver=1&google_push=AYg5qPKVR79tfMtQBu0UmNWlPelvNcrdv1rF_robfJn6utg2m6B-iJj3z1po5hlaGuMqwVqvSOTyOkOszoRHyHLzIEngXLKnjDbe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKVR79tfMtQBu0UmNWlPelvNcrdv1rF_robfJn6utg2m6B-iJj3z1po5hlaGuMqwVqvSOTyOkOszoRHyHLzIEngXLKnjDbe&google_hm=f0a1anXuRYOzeYnSfdcp1AM

Request Chain 481

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJULumQ3r4CHZLlNXqddSZg&google_cver=1&google_push=AYg5qPJv6PNq7bWtUKw8QSvTt0GPK_B3r5rR_S8AUoak6nI-tLFjSbOrKICAgkmqUxBIxN6f0m1vyXFzX-eNs8F-H0gBteoWh_Yp HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s7d0t-8PSSS-PHQuJuQW_g2&google_push=AYg5qPJv6PNq7bWtUKw8QSvTt0GPK_B3r5rR_S8AUoak6nI-tLFjSbOrKICAgkmqUxBIxN6f0m1vyXFzX-eNs8F-H0gBteoWh_Yp

Request Chain 482

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEG_i67BikM8BJ7803A09DdM&google_cver=1&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJM130VwHp8vp-XKyqJu5mT4-l9EhdaAmOP42D0JV HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEG_i67BikM8BJ7803A09DdM&google_cver=1&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJM130VwHp8vp-XKyqJu5mT4-l9EhdaAmOP42D0JV&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=j5cn3hAoGEOK179O7jIOMQ&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJM130VwHp8vp-XKyqJu5mT4-l9EhdaAmOP42D0JV

Request Chain 483

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBEdYfhH057aEBQ3Cj2mDlU&google_cver=1&google_push=AYg5qPL58SbyrCKc7jsebVtz0H1nV5p-GjF1Xe2iUu7OB8fomkLfmHlCUKaMYc4FrX6xp15u3E-k0fK8ww9StSECRHA005-V7NU_ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBEdYfhH057aEBQ3Cj2mDlU&google_cver=1&google_push=AYg5qPL58SbyrCKc7jsebVtz0H1nV5p-GjF1Xe2iUu7OB8fomkLfmHlCUKaMYc4FrX6xp15u3E-k0fK8ww9StSECRHA005-V7NU_&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Np67aOxzTleRc2Q-CfJk8w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL58SbyrCKc7jsebVtz0H1nV5p-GjF1Xe2iUu7OB8fomkLfmHlCUKaMYc4FrX6xp15u3E-k0fK8ww9StSECRHA005-V7NU_

Request Chain 484

https://onetag-sys.com/sync/i,19/?google_gid=CAESEITS6V2Bp0Yq3S-zn_-saR4&google_cver=1&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Request Chain 488

https://pixel.adsafeprotected.com/rfw/st/852329/57872888/skeleton.js?ias_dspID=3&ias_campId=15097833995&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=386778594&bidurl=https://winkgo.com/&ias_dealId=&adsafe_url=https%3A%2F%2Fwinkgo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b4303504-349d-7311-43f0-01bd417afd3b,c:uOyFfJ,sl:na,em:true,fr:false,thd:1,mn:app14ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:dfhui1,nbld:0,mtim:122,fm:sPBXrMi+11%7C12%7C13%7C14%7C151%7C152%7C153%7C161%7C162%7C163%7C17%7C18%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.852329-57872888%7C1b1%7C1b21%7C1b3,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:142,oid:db780fe0-4c86-11ec-82eb-02c390e9b11a,v:19.8.270,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

524 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
winkgo.com/
Redirect Chain

http://winkgo.com/
https://winkgo.com/

77 KB
14 KB

164ms
90ms

Document
text/html

2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11377efdcdf0b6a9764f01724abcfa837b54dcefef12accdc51263a1cb334ae0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://winkgo.com/wp-json/>; rel="https://api.w.org/"
content-security-policy: upgrade-insecure-requests;
cache-control: public, max-age=0, s-maxage=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 18:01:04 GMT
cf-cache-status: HIT
age: 80602
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b2c47ef3c9269a3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 23 Nov 2021 17:57:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 23 Nov 2021 18:57:37 GMT
Location: https://winkgo.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b2c47ee4867433f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
winkgo.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 40ms
38ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Jul 2021 10:26:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efde6869a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 easy-social-share-buttons.min.css
winkgo.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 119 KB
16 KB 72ms
70ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1d9183dac3e1ddde897b5a1718d18f42b50c6ab8fe9deab8b29f04bd2cb2d8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Mar 2021 16:42:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efde6c69a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 main.css
winkgo.com/wp-content/plugins/aawp/assets/dist/css/ 80 KB
9 KB 44ms
42ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/aawp/assets/dist/css/main.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

041f2f6b399cab4d99d9a1a39d1c2c07bda14e21fa693f81941fc22113e38360

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 17:53:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee6e69a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 style.css
winkgo.com/wp-content/themes/mts_sociallyviral/ 59 KB
13 KB 45ms
43ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/style.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc0f76fcd83f2afad287d93217bbf1f8b787c10d8ec6831693a14617fe25e08

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee7169a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 responsive.css
winkgo.com/wp-content/themes/mts_sociallyviral/css/ 15 KB
3 KB 72ms
71ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/css/responsive.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c11b97691e12238100aef68230063f08280459d5e9ddc1b513872a013856f78e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee7569a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 magnific-popup.css
winkgo.com/wp-content/themes/mts_sociallyviral/css/ 6 KB
2 KB 36ms
34ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/css/magnific-popup.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c207bd82a7804c83a03365145221aa699e09a034b14e34a5ee4cd83b09101006

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee7a69a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 font-awesome.min.css
winkgo.com/wp-content/themes/mts_sociallyviral/css/ 30 KB
7 KB 39ms
38ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/css/font-awesome.min.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee7c69a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 front.css
winkgo.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/ 25 KB
4 KB 47ms
45ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34399bf105da7ab605ab63afc1694822adbc66d66457d59a0d31c2ddea07cb99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 17:53:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee7d69a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 jquery.min.js Show response
winkgo.com/wp-includes/js/jquery/ 87 KB
31 KB 40ms
38ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee7f69a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 jquery-migrate.min.js Show response
winkgo.com/wp-includes/js/jquery/ 11 KB
4 KB 50ms
49ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee8169a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 ajax.js Show response
winkgo.com/wp-content/themes/mts_sociallyviral/js/ 22 KB
7 KB 34ms
34ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/js/ajax.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b8f9cc260ddba7e5a0899f13ac76f6ab9e0ed6bbb13873c09994823ccf5735

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f1aae1702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 history.js Show response
winkgo.com/wp-content/themes/mts_sociallyviral/js/ 15 KB
5 KB 44ms
43ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/js/history.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

153302ccd34df160b9a5c101e8abdfb45f802882ae11ba76b51f7a59f4071e8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 78853
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee8f69a3-FRA
expires: Tue, 22 Nov 2022 17:57:52 GMT

GET
H2 200 front.min.js Show response
winkgo.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/ 58 KB
16 KB 76ms
75ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86567
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 17:53:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47efee9069a3-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 941660-e74d-49b3-b265-5d8e96eedd3e.js Show response
monu.delivery/site/f/1/ 557 KB
149 KB 170ms
144ms Script
application/javascript 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: b76083e0786b35c2c153887bbcfee4354f1b53f06d50323e89768df065d977e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdtfVSP2Mrt5609sUwFC-6-AWT3CcmTI-gZXEQEFun_M5Hjiem7HwjZajlAY9weKrKk_NWUQFus5p8QfDX8_pdo
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
last-modified: Wed, 17 Nov 2021 20:33:16 GMT
server: nginx
vary: Accept-Encoding
x-goog-hash: crc32c=x0SF3Q==, md5=UHL/NYNyMN2y1WBun9KWrg==
x-goog-generation: 1637181195992644
via: 1.1 google
cache-control: max-age=7200
x-goog-stored-content-length: 570647
content-type: application/javascript
expires: Tue, 23 Nov 2021 19:57:38 GMT

GET
H2 200 css
winkgo.com/assets/vendor/googleapis/ 366 B
424 B 61ms
60ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/assets/vendor/googleapis/css?family=Fira+Sans:500|Fira+Sans:normal&subset=latin

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1d9ff35fbdc637b8841b9a9f128b9191fe30b88caeced38dde1bf6939aefa6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 78853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 0
timing-allow-origin: *
last-modified: Mon, 22 Nov 2021 17:57:58 GMT
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding, Accept-Encoding
cache-control: max-age=86400, public
cf-ray: 6b2c47efee8b69a3-FRA
expires: Tue, 23 Nov 2021 17:57:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 52ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3289316-12

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4f37e74d2cd74adfe11d7d46d6b5329637d7355ecc0513f5a31554638517446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36149
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 17:31:54 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Nov 2021 17:57:38 GMT

GET
H3 200 winkgo-logo-final-e1423762835833.png
winkgo.com/wp-content/uploads/2015/02/ 13 KB
13 KB 37ms
36ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2015/02/winkgo-logo-final-e1423762835833.png

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74dcfa223cc2026109dc555fb51afbc6b0bba578b2a3eb41e8d6a0b1718bbbbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11727
cf-polished: origFmt=png, origSize=24976
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="winkgo-logo-final-e1423762835833.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13318
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Jun 2017 08:15:00 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:13:25 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1db7e702b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 22 KB
8 KB 434ms
396ms Script
application/javascript 52.222.213.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=d224190e-7b26-43c9-aa7c-19a85c33d979
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.213.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-213-35.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 610f1153992ba9b6f3cab863a68d7a8d85dc429aa1a6003d160e461bae9a7bd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: Public
date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
content-length: 7327
via: 1.1 9e1b24b39ac8b669f996f1e7907eb697.cloudfront.net (CloudFront)
x-amz-cf-id: WfJWnjK87rZUzICLrWmTs2iuwxcGt11Bqc12NcnDEevJrOedoRx6LA==
expires: Tue, 23 Nov 2021 18:02:38 GMT

GET
H/1.1 412
Precondition Failed img.fetch
udmserve.net/udm/ 0
0 636ms
158ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=15629;tid=1;dt=6;
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 17:57:38 GMT
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 1
Content-Type: application/x-javascript

GET
H3 200 wp-subscribe-form.css
winkgo.com/wp-content/plugins/wp-subscribe/assets/css/ 3 KB
1 KB 35ms
35ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/wp-subscribe/assets/css/wp-subscribe-form.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f827eb7e4e6d612a9b212b3e3af04a6b264b9a72186afcde80c4cbf11f536e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 02 May 2020 18:13:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f07f27702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 customscript.js Show response
winkgo.com/wp-content/themes/mts_sociallyviral/js/ 7 KB
2 KB 62ms
61ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/js/customscript.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dabef7db0d834a2e8d32bb01c81af144b87e1fe8dbc286f89161ecc26fa07de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f1db81702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
winkgo.com/wp-content/themes/mts_sociallyviral/js/ 21 KB
8 KB 46ms
45ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/js/jquery.magnific-popup.min.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e507cdd056c590258573b14fed0c8232ca65e2ebf4712cc19f30333295d3a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f1db84702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 main.js Show response
winkgo.com/wp-content/plugins/aawp/assets/dist/js/ 6 KB
3 KB 36ms
35ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/aawp/assets/dist/js/main.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4405f9185e0ed69e35080f3e6d9f906dc921fa15b668f195eb983890ed5882af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Nov 2021 17:53:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f0bffd702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 wp-embed.min.js Show response
winkgo.com/wp-includes/js/ 1 KB
1 KB 29ms
29ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-includes/js/wp-embed.min.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Jan 2021 01:59:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f0f8a7702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 wp-subscribe-form.js Show response
winkgo.com/wp-content/plugins/wp-subscribe/assets/js/ 2 KB
1 KB 31ms
31ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/wp-subscribe/assets/js/wp-subscribe-form.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5f5ed63f47328613966ee42c7c6bd826cfd6729b486971388faf87ef5dd30a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 02 May 2020 18:13:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f12945702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 easy-social-image-share.min.css
winkgo.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/css/ 26 KB
9 KB 31ms
31ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/css/easy-social-image-share.min.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c4f4fe0fca418095787860851cbf34595be5083ab80bd37d58cd60e3024179e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Mar 2021 16:42:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f159d4702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H3 200 essb-popular-posts.css
winkgo.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 1 KB
741 B 45ms
45ms Stylesheet
text/css 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-popular-posts.css

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a259b6d2fe0671d6763c6ac5ba9119acaaad3b9de379719708f6df47ec8ef33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Mar 2021 16:42:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f19a9d702b-FRA
expires: Tue, 22 Nov 2022 17:53:46 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
831 B 2031ms
198ms Script
application/javascript 2a02:26f0:6c00:291::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:291::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 67130e9d-2.16.186.166
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H3 200 nobg.png
winkgo.com/wp-content/themes/mts_sociallyviral/images/ 34 B
493 B 60ms
60ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/images/nobg.png

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75426
cf-polished: origFmt=png, origSize=68
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="nobg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 17:54:40 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1db85702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 va9E4kDNxMZdWfMOD5Vvl4jN.woff
winkgo.com/assets/vendor/gstatic/s/firasans/v11/ 27 KB
28 KB 43ms
43ms Font
font/woff 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/assets/vendor/gstatic/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jN.woff

Requested by

Host: winkgo.com
URL: https://winkgo.com/assets/vendor/googleapis/css?family=Fira+Sans:500|Fira+Sans:normal&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7e4b3e448a6915399c0798dcf6acb7cdbd7d17edff89f418fd381239d7c235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/assets/vendor/googleapis/css?family=Fira+Sans:500|Fira+Sans:normal&subset=latin
Origin: https://winkgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28024
x-xss-protection: 0
timing-allow-origin: *
last-modified: Thu, 01 Apr 2021 22:05:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6b2c47f1eb8f702b-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 17:53:55 GMT

GET
H3 200 fontawesome-webfont.woff2
winkgo.com/wp-content/themes/mts_sociallyviral/fonts/ 75 KB
76 KB 52ms
52ms Font
font/woff2 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/themes/mts_sociallyviral/fonts/fontawesome-webfont.woff2

Requested by

Host: winkgo.com
URL: https://winkgo.com/wp-content/themes/mts_sociallyviral/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://winkgo.com/wp-content/themes/mts_sociallyviral/css/font-awesome.min.css
Origin: https://winkgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 15:40:11 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1eba5702b-FRA
expires: Tue, 22 Nov 2022 17:54:40 GMT

GET
H3 200 va9B4kDNxMZdWfMOD5VnZKveRhf8.woff
winkgo.com/assets/vendor/gstatic/s/firasans/v11/ 27 KB
28 KB 63ms
63ms Font
font/woff 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/assets/vendor/gstatic/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf8.woff

Requested by

Host: winkgo.com
URL: https://winkgo.com/assets/vendor/googleapis/css?family=Fira+Sans:500|Fira+Sans:normal&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8cce6f8be090907e1e9256eb1ca7ffa124a753e55cb7ec1af617b5dcf22bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/assets/vendor/googleapis/css?family=Fira+Sans:500|Fira+Sans:normal&subset=latin
Origin: https://winkgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 28116
x-xss-protection: 0
timing-allow-origin: *
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 6b2c47f1ebad702b-FRA
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 17:53:55 GMT

GET
H3 200 sassy-quotes-featured-770x297.jpg
winkgo.com/wp-content/uploads/2021/11/ 45 KB
45 KB 55ms
54ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/11/sassy-quotes-featured-770x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10189ed67cace0be73ff2373965a786e1424c49fa0c3de49aa7617bbf4a4212b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=55049
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="sassy-quotes-featured-770x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45658
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Nov 2021 22:16:31 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:26 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fbe4702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 instagram-captions-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/11/ 17 KB
17 KB 62ms
62ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/11/instagram-captions-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0045f969f90c37c95013b7551b7f4c86360f601c9f599209d65a22a2367b7542

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75410
cf-polished: qual=85, origFmt=jpeg, origSize=21498
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="instagram-captions-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17166
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 18:27:40 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 19:45:02 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fbf2702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 couple-memes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/10/ 12 KB
12 KB 62ms
61ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/couple-memes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eff9bf182da7d701d61ef4642523eebcb0ee3fd95e781d84c23fb46397773739

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=17384
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="couple-memes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11962
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2021 21:50:56 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fbf7702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 harry-potter-jokes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/10/ 15 KB
15 KB 63ms
60ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/harry-potter-jokes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13fb8b642dd6e35151ef48192b622ffe73bf9f59566fce331ad3a4ee662e2b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=20235
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="harry-potter-jokes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14848
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Oct 2021 21:29:20 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fbfa702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 car-date-night-ideas-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/10/ 26 KB
27 KB 63ms
60ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/car-date-night-ideas-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8400a808daf47a7374eb514a7f0dc9ec2c16e9e0a4a21bbb29acadadcbe51a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=30046
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="car-date-night-ideas-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26926
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Oct 2021 17:34:58 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 19:46:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fbfd702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 savage-quotes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/10/ 10 KB
11 KB 63ms
60ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/savage-quotes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76d84b1f8d9765b66eaca886948ddda114cb04173566fa6c7883c1c8c0508bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=14827
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="savage-quotes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10532
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 19:08:06 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 19:56:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc00702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 harry-potter-memes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/10/ 18 KB
19 KB 64ms
61ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/harry-potter-memes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f17d9b1e8d61406a806cca1b755b61eb7eb6bbb915d3b3ea433b004ca181e852

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=24055
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="harry-potter-memes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18750
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Oct 2021 19:32:09 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc04702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 success-quotes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/10/ 20 KB
20 KB 64ms
61ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/success-quotes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7892bae41a6f255cbacb47c9023660b89409db55a1270260c52d6d140d6c62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=24254
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="success-quotes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20074
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 20:06:05 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:28 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc06702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 inappropriate-memes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/10/ 17 KB
17 KB 75ms
72ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/inappropriate-memes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b0f8b2833fd5a3c48f2433a19d9a63c05be6f33564ba25100e7445ad6137f89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75410
cf-polished: qual=85, origFmt=jpeg, origSize=22348
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="inappropriate-memes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17416
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Oct 2021 00:40:48 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 19:45:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc0a702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 sad-quotes-about-love-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 12 KB
12 KB 65ms
62ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/sad-quotes-about-love-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6ec9b4b5e390f2f78e5890323bcfab67b352d1f48cd357cf7d1ffcfd5d11465

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=16293
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="sad-quotes-about-love-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11964
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Sep 2021 03:46:17 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 23 Nov 2022 05:46:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc0e702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 dog-farting-sleep-cat-angry-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 10 KB
11 KB 80ms
77ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/dog-farting-sleep-cat-angry-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cccc2be6d23b4219bcbf3b897ffd927913519de2feb8f5c3f16d05f21e0d757

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=15415
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="dog-farting-sleep-cat-angry-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10404
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Sep 2021 20:31:35 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 19:56:27 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc11702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 dad-joke-memes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 14 KB
15 KB 68ms
65ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/dad-joke-memes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb4148faead14cbc48e637a2c15fca1553bde4adf05446d0466ce63402c46650

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=19088
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="dad-joke-memes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14560
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Sep 2021 19:14:32 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc13702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 best-disney-princesses-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 20 KB
21 KB 64ms
61ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/best-disney-princesses-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d568b3b95ad1f1dbac3018305f0c498d9c50fcfc9702c879f2f9d3020565519

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=26651
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="best-disney-princesses-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20678
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Sep 2021 22:07:46 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc1a702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 sad-quotes-about-life-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 17 KB
18 KB 69ms
67ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/sad-quotes-about-life-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd61b9883ddff225d59dccca887691a0e8839d7338202a7076bc709d08aa0710

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=22158
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="sad-quotes-about-life-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17700
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Sep 2021 16:05:21 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 19:04:24 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc1d702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 quotes-about-happiness-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 18 KB
18 KB 69ms
67ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/quotes-about-happiness-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fcbf3619f707f94e935cf215c50eaeda1e1c9b9f6e9f6223cc99aa20cc33d7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=21843
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="quotes-about-happiness-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18016
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Sep 2021 20:20:27 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 21:14:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc20702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 sarcastic-quotes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 16 KB
17 KB 70ms
68ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/sarcastic-quotes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1b09bec753e8e293c636fd282c7c1203d55ffeeace6060968121be017b8abf8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=21552
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="sarcastic-quotes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16814
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Sep 2021 17:06:56 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 21:14:00 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc22702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 lorax-quotes-featured-370x297.jpg
winkgo.com/wp-content/uploads/2021/09/ 15 KB
15 KB 70ms
69ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/09/lorax-quotes-featured-370x297.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7bdb6fe2ca02fc669ba61b8e2c579e377c31762c87552325b3033b669754e45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24767
cf-polished: qual=85, origFmt=jpeg, origSize=20152
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="lorax-quotes-featured-370x297.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15218
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Sep 2021 20:14:23 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:08:33 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc24702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 couple-memes-featured-300x200.jpg
winkgo.com/wp-content/uploads/2021/10/ 9 KB
9 KB 72ms
71ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/10/couple-memes-featured-300x200.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0768e04b47da32173cbd3401778193d5c2a61505ae06d717d8b19bb4535127

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75426
cf-polished: qual=85, origFmt=jpeg, origSize=11294
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="couple-memes-featured-300x200.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8976
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Oct 2021 21:50:56 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 20:26:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc29702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 instagram-captions-featured-300x200.jpg
winkgo.com/wp-content/uploads/2021/11/ 11 KB
11 KB 73ms
71ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/11/instagram-captions-featured-300x200.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51edfbbe0edf65fd290fb55205705d115ce0e58668bf280b2c26d0e4abb80650

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75426
cf-polished: qual=85, origFmt=jpeg, origSize=13412
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="instagram-captions-featured-300x200.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10988
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Nov 2021 18:27:40 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 20:07:54 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc2e702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 sassy-quotes-featured-300x200.jpg
winkgo.com/wp-content/uploads/2021/11/ 17 KB
17 KB 76ms
74ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2021/11/sassy-quotes-featured-300x200.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3622ea62d6f385ba04ff4428d5c8238fc0bd81982a1afddd17b2a141da760463

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75420
cf-polished: qual=85, origFmt=jpeg, origSize=19240
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="sassy-quotes-featured-300x200.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17238
x-xss-protection: 1; mode=block
last-modified: Sun, 21 Nov 2021 22:16:31 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 19:43:07 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f1fc31702b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 zerg.js Show response
www.zergnet.com/ 7 KB
3 KB 343ms
113ms Script
application/javascript 34.233.22.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/zerg.js?id=87515
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-22-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 07c979abb4701b52ecd2b324a01a3473d94702f28bb72c2d3deaf8b66d207253

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: gzip
expires: Tue, 30 Nov 2021 17:57:38 GMT
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H3 200 26-Stylish-Seniors-Who-Dont-Wear-Old-People-Clothes-Featured-300x200.jpg
winkgo.com/wp-content/uploads/2016/08/ 21 KB
21 KB 63ms
62ms Image
image/jpeg 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2016/08/26-Stylish-Seniors-Who-Dont-Wear-Old-People-Clothes-Featured-300x200.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7601a62ec36906013b1b8d78fd1fe9978b1beb523ee4165f62ebfdb1aee10dcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75411
cf-polished: degrade=85, origSize=27990, status=webp_bigger
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21371
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Jun 2017 16:31:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 22 Nov 2022 17:54:36 GMT
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6b2c47f21c73702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 45-Crush-Quotes-Featured-300x169.jpg
winkgo.com/wp-content/uploads/2017/10/ 18 KB
18 KB 64ms
64ms Image
image/jpeg 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2017/10/45-Crush-Quotes-Featured-300x169.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6657151bbf58ab69a4359161ac8f10d2179218c25c5f010ed214093cbe8096f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71819
cf-polished: degrade=85, origSize=20560, status=webp_bigger
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18350
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2017 23:36:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 22 Nov 2022 17:54:37 GMT
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
cf-ray: 6b2c47f21c75702b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 Flourless-3-Ingredient-Berry-Egg-Muffins-Recipe-Featured-300x156.jpg
winkgo.com/wp-content/uploads/2016/01/ 9 KB
10 KB 65ms
65ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2016/01/Flourless-3-Ingredient-Berry-Egg-Muffins-Recipe-Featured-300x156.jpg

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8e3aeb3db1e78947771fb5fb7bfe36d92310dca77b2f3e218e0f5c25e37ca9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11678
cf-polished: qual=85, origFmt=jpeg, origSize=18608
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
content-disposition: inline; filename="Flourless-3-Ingredient-Berry-Egg-Muffins-Recipe-Featured-300x156.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9256
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Jun 2017 13:59:23 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:31:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c47f21c76702b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a978ce8655fb0bb4e23b140af5ebd15998f14efcbca8d7ab5db832e7083b74e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tcGBinDIYd/OInPsUjwxKw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: mi+8jfEuD+aOthuBggtN0fMj9DOdl4DfIMQ27vMlVIo+3NqcMc6edxITKvac1PTu11W8QhUEEuCKQnyLnuOYZA==
x-fb-trip-id: 686109401
x-fb-content-md5: edd94118bf166668b98d0c04e3aabb55
x-frame-options: DENY
date: Tue, 23 Nov 2021 17:57:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c74ca7c621f17d8d31f9ef4262222cea"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 23 Nov 2021 18:14:11 GMT

GET
H3 200 essb-core.min.js Show response
winkgo.com/wp-content/plugins/easy-social-share-buttons3/assets/js/ 51 KB
13 KB 61ms
61ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Mar 2021 16:42:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f22c8a702b-FRA
expires: Tue, 22 Nov 2022 17:54:14 GMT

GET
H3 200 easy-social-image-share.min.js Show response
winkgo.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/js/ 15 KB
5 KB 61ms
61ms Script
application/javascript 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winkgo.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-image-share/assets/js/easy-social-image-share.min.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2d621596d99182b3a71ddd49d416c030afd3f6d3ee4f2e148eb8ff623479b49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86568
x-nginx-cache-status: MISS
x-server-powered-by: Rocket
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Mar 2021 16:42:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests;
cf-ray: 6b2c47f22c92702b-FRA
expires: Tue, 22 Nov 2022 17:54:14 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 185 KB
61 KB 38ms
10ms Script
application/x-javascript 13.32.99.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-88.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: TIXEr4j9ZaZJgKeoVZ8ehYwv1bF6gSxj
content-encoding: gzip
etag: W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age: 46516
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:73702bf1-4472-485c-9bda-886a8f21cacd
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 6bc77264d69b4716594d8b5229cafdb9
last-modified: Wed, 17 Nov 2021 08:31:53 GMT
server: AmazonS3
date: Tue, 23 Nov 2021 05:02:23 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 67c429bc2e760b9ca91a98648469be411bfcccf8bfb6ea245b28e6585b1861aa
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: HcZBPTeuVLpkLXJVlGvuu_bVkk4iUNjbt8K_l4YceGB6GkkfFWHFBg==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 479 KB
78 KB 46ms
7ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05f30bd964d0c7a058add5138107112c0597bc53e88e8320afdd226e5de06055

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 17:57:38 GMT
Content-Encoding: gzip
Age: 319
X-Cache: HIT
Connection: keep-alive
Content-Length: 78967
x-amz-id-2: eoZb+GbUQ1YMmWHLtaRlLnsAUMINqvjNZ/GSb6j9gudKIbGbIQKzpCeR8QtfeHkO2XoNvatMmNk=
X-Served-By: cache-fra19172-FRA
Last-Modified: Tue, 23 Nov 2021 17:14:12 GMT
Server: AmazonS3
X-Timer: S1637690258.316343,VS0,VE0
ETag: "a04f4f09e83e971c6bbf9279ecac6b44"
x-amz-request-id: D8VP6PDRDA9BAR5P
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 3

GET
H2 200 tag.min.js Show response
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 17 KB
6 KB 39ms
5ms Script
text/javascript 52.222.214.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-22.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: HGYL.siFb.HLK8NXg9tyIeM1N2pdl_47
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 19:32:23 GMT
server: AmazonS3
age: 84972
etag: W/"4c3e8f251a140b2e06634712ba322640"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 22 Nov 2021 18:21:27 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: kR9YztWb9-1GEyOGV0sxO4O_Or8eLQs8Hv5_i-DntaMIuzJ-yDU9rw==

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 216 B
550 B 110ms
9ms XHR
application/javascript 2a01:7e01:1::ac69:92e7
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 216
expires: Tue, 23 Nov 2021 18:57:38 GMT

GET
H2 200 / Show response
geolocation-db.com/jsonp/ 172 B
278 B 476ms
446ms Script
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/jsonp/?callback=callback&_=1637690257982
Requested by: Host: winkgo.com
URL: https://winkgo.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f9d0c58aecf59b691035578924aad5463650c864831b64244dd9e49064d23a31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=125fe617f2adebf2d304232c0edc7121

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7dcecfc6cf63c0e31e72fe54479af650479d6eca86a46a70f79becb954f476e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://winkgo.com/
Origin: https://winkgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SGX1JRmt4VvKlkceBkNsFA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84318
x-fb-rlafr: 0
x-fb-debug: Bpwl5BAACEP3nPhTFYNP0+j/cIeysezio2ksHMkKhGGm5tcZ8nOfn7HhVHdV3guej1JM8FixdcfBjKSvvvG/bA==
x-fb-content-md5: 322b198409da13ad3d39df6913d35fa1
x-frame-options: DENY
date: Tue, 23 Nov 2021 17:57:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d882125b0485e30540d40e8a12e83e93"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Nov 2022 17:30:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3289316-12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3391
date: Tue, 23 Nov 2021 17:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Nov 2021 19:01:07 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
960 B 353ms
325ms Fetch
application/json 18.66.112.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1, FRA56-P5
x-amzn-requestid: b8ee6d9f-979a-40e4-a05c-d33f55a90883
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: JRO-8GV7iYcFUJw=
content-length: 555
x-amz-cf-id: 1615LTCPdbDV-aXgqWe-Pu0TN4LwnYM6tPYZkUsksibZ-Qf4GS2Svw==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 52ms
8ms Script
application/javascript 18.66.112.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding: gzip
etag: W/"ea838863b2b3bf40d1353c99808a5464"
last-modified: Tue, 09 Nov 2021 13:26:48 GMT
server: AmazonS3
age: 46853
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 23 Nov 2021 04:56:46 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: UuQdUpq-X2c-Cztva7Z7a0xn6LltrCsvAHp6flm4aL-qzZWbyyb8ig==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 189 KB
60 KB 8ms
8ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 17:57:38 GMT
Content-Encoding: gzip
Age: 895
X-Cache: HIT
Connection: keep-alive
Content-Length: 61293
x-amz-id-2: jzXf5usRbJR3PYvp69Big/B/XsVaN007aaf8DzTo4oE6Ozrfyzq3/rqhk6J2PTv5JM4jjOX3BWs=
X-Served-By: cache-fra19172-FRA
Last-Modified: Wed, 17 Nov 2021 21:29:49 GMT
Server: AmazonS3
X-Timer: S1637690258.422831,VS0,VE0
ETag: "cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id: KY5DB13GGJV0P5XQ
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 768

GET
H2 200 xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 131ms
130ms Script
application/javascript 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: gzip
age: 1982
x-guploader-uploadid: ADPycduVDJbblxUJc8ghPZxCdWbHBSG3ZKXaU9HYssI5-qk7i6ZK6l-jeLh-EOkonB2Hpan7ee-RB-0kqppmuk47fso
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation: 1598340963244234
via: 1.1 google
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
content-type: application/javascript
expires: Fri, 18 Nov 2022 17:57:38 GMT

GET
H2 200 services.js Show response
js.gumgum.com/ 101 KB
38 KB 47ms
13ms Script
application/javascript 52.222.214.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92e508e0315c4e6845e02c97253ce3bfbb1a54b44371e4a280ed71958c77b173

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:25:08 GMT
content-encoding: gzip
age: 1951
x-cache: Hit from cloudfront
last-modified: Tue, 23 Nov 2021 16:34:20 GMT
x-amz-meta-access-control-allow-origin: *
x-amz-meta-timing-allow-origin: *
server: AmazonS3
etag: W/"2a0b5deef42a6bbd4049f46b77f8685a"
vary: Accept-Encoding
x-amz-version-id: ONqU1btj4yNTCm8Ql.9oZGw_OwRqFENw
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: ANblavgd_cVUIEBKB88JNsF0vXysMdE66meB1gdWFIRbFBr1X2fuhQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 46ms
13ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:47:50 GMT
content-encoding: gzip
age: 587
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0NATJHVKE5TCRJF904TG
etag: 1e39d25f07f5619925357b752ab10d04
vary: Accept-Encoding
x-amz-version-id: KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: rR4UDHd1YzFqu4D-iDQhMC8otlZFYq8mi_D7862cUIkV73_4n-cHGg==

GET
H/1.1 200
OK 182762-63174106385307.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 30ms
11ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 17:57:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Nov 2021 17:26:30 GMT
Server: Apache
ETag: "da3d11-930a-5d1780abe4dce"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1797
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Tue, 23 Nov 2021 18:27:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 1189ms
1163ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1052 / 604 of 1000 / last-modified: 1637669178"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26862
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 Nov 2021 17:57:39 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 34ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=745961223&t=pageview&_s=1&dl=https%3A%2F%2Fwinkgo.com%2F&ul=en-us&de=UTF-8&dt=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=550446485&gjid=581969244&cid=1631351504.1637690258&tid=UA-3289316-12&_gid=1311913391.1637690258&_r=1&gtm=2ouba1&z=1571726350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
959 B 266ms
266ms Fetch
application/json 18.66.112.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront), 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1, FRA56-P5
x-amzn-requestid: b8ee6d9f-979a-40e4-a05c-d33f55a90883
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: JRO-8GV7iYcFUJw=
content-length: 555
x-amz-cf-id: YQ9vzFrHcIKsCch1cbZ7Vsv47TpXpxqJj9sIATq2T_bm1IhqKwNi2w==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
540 B 99ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: bc9cc091e3c90346e3b9a8425f3649e9247e5af33233265478da1b0955a4950e

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 23 Dec 2021 17:57:38 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
324 B 45ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 17:57:38 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
435 B 48ms
16ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3289316-12&cid=1631351504.1637690258&jid=550446485&gjid=581969244&_gid=1311913391.1637690258&_u=YEBAAUAAAAAAAC~&z=748341341

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Nov 2021 17:57:38 GMT
content-type: text/plain
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 57 B
409 B 14ms
13ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwinkgo.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:41:34 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
age: 4563
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 57
x-amz-cf-id: G_pKCbIn3bV13ia4kM__nCziU1uOTPoTf5KKpJ4i-EIOV8UEgCclLw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 30ms
8ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 42076
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Tue, 23 Nov 2021 06:16:23 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: z3cHUwhOjSL4sxHhVHeb2nqC9esrAo_UqbBnypJT87V4C22soDAeug==

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
424 B 29ms
10ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fwinkgo.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:38 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://winkgo.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Tue, 23 Nov 2021 17:57:38 GMT

GET
H2 200 output.js Show response
www.zergnet.com/ 4 KB
2 KB 116ms
115ms Script
application/javascript 34.233.22.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zergnet.com/output.js?id=87515&time=1637690258597&sc=1&callback=json3708232
Requested by: Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=87515
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.22.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-22-207.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 572860b1d1f698af168d1a125b7f563f4cfa0dbd6103cd7628d39c488d20bde2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:38 GMT
content-encoding: gzip
server: nginx
p3p: CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: application/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 89B1 3 KB
2 KB 124ms
124ms Document
text/html 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

server: nginx
date: Tue, 23 Nov 2021 17:57:38 GMT
content-type: text/html
vary: Accept-Encoding
x-guploader-uploadid: ADPycdtzHGVwMSIIC0TSrvh24v_fTnmd9ym236VGqMN9QTncaGHFtF5z4qNsbrlvkZ6Qp4n1GJuI3KlNa6pFE8aU4VU
expires: Fri, 18 Nov 2022 17:57:38 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation: 1598340969597109
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class: STANDARD
age: 1983
cache-control: max-age=31104000 public
x-cache: HIT
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK 6913871_300.jpg
img4.zergnet.com/ 19 KB
20 KB 44ms
10ms Image
image/jpeg 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6913871_300.jpg
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3cf45271e11710522e04f94fda7918d72a971faa7f548d34d0bffa77e932f658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 17:32:34 GMT
Via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
Age: 1505
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 19512
Last-Modified: Tue, 23 Nov 2021 17:10:32 GMT
Server: AmazonS3
ETag: "57e852b15906e2eb979b1f651dc1e752"
x-amz-version-id: f9aNpnJDQiBIih4IFL3smigNfxA8.Pr7
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: XTJRUYoCfheMxGxRSQS71t0djZoXyxn1TtNlRB91gXw7sp3sFSmjXg==
Expires: Wed, 23 Nov 2022 17:10:31 GMT

GET
H/1.1 200
OK 5654084_300.jpg
img1.zergnet.com/ 26 KB
27 KB 43ms
10ms Image
image/jpeg 18.66.139.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.zergnet.com/5654084_300.jpg
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c89b2dcd3de2cdc3fe4537d7ee394507310d27238f19cbf4ed459cf6b98ffc3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Sep 2021 20:45:39 GMT
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
Age: 6642720
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 26837
Last-Modified: Fri, 11 Sep 2020 17:22:52 GMT
Server: AmazonS3
ETag: "891e277f610ecc1bb64485c1d2139363"
x-amz-version-id: null
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: JCBXlXXdJE5aUwOitfOZJzhn3e8gfmD9HDsgXvY4BnzcZnixUgk_Og==
Expires: Sat, 11 Sep 2021 17:22:51 GMT

GET
H/1.1 200
OK 6832855_300.jpg
img4.zergnet.com/ 31 KB
31 KB 43ms
10ms Image
image/jpeg 18.66.139.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img4.zergnet.com/6832855_300.jpg
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b186558b1f3b3b41c545caf26571f74b55202733e8680aeb35d27d341c2cb6bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 20:50:59 GMT
Via: 1.1 a5a8e743f28968822c126102a78bb7c7.cloudfront.net (CloudFront)
Age: 3791200
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 31590
Last-Modified: Sun, 10 Oct 2021 20:37:01 GMT
Server: AmazonS3
ETag: "1a2145e50814128471dcdf8ed980f1c1"
x-amz-version-id: HOdZrnDRkZkBtWy8yByT7WVKsd6y5Rcy
Cache-Control: max-age=290304000, public
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Type: image/jpeg
X-Amz-Cf-Id: XNrwei0bT1XOtWqkXGA_7Pr3Zy5KUimISAIz-RzrE5Q2igJeUvx7Gg==
Expires: Mon, 10 Oct 2022 20:37:00 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
491 B 33ms
8ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=p.l&u=f1941660-e74d-49b3-b265-5d8e96eedd3e
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1552
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 38ms
8ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: 27bc0cb7e7e10d7caf0982f160c1860cb1957c710ee64ad3a21af29ec4a1edfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 10:53:38 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront), 1.1 68b2682a924ac399aa2724b5b439e75d.cloudfront.net (CloudFront)
age: 25440
x-amzn-requestid: 34fce57e-3aa7-4098-8b94-1938fdd8909a
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-619cc832-6f0757562e3215725fcafce7;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, FRA60-P3
x-amz-apigw-id: JQQ33GfzDoEFquQ=
content-length: 30
x-amz-cf-id: EtZ335yRXPqsGnauSKWeR9xUw-KRNcJMxXlExTb5ej32MkW1DLhC3g==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 32ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 Nov 2021 17:57:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
105 B 33ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cdc8384ffbcaacfd087568b6b6d1b229594f0569b6e80e7a94a2c9d8a520b8a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Tue, 23 Nov 2021 17:57:39 GMT

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 105ms
105ms Script
application/javascript 2a02:26f0:6c00:291::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:291::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 67131192-2.16.186.166
accept-ranges: bytes
content-length: 18814
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 509 B
842 B 251ms
40ms XHR
application/json 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612811667906&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1637690260361

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.5e99645f.1637690260.f2f3af9
x-envoy-upstream-service-time: 8
x-pinterest-rid: 1300474324286097
pin-unauth: dWlkPU0yVTVOREU0TlRVdE9UZzBPQzAwWkRrM0xUa3hORFF0TlRWallqZGpaakkzTjJFMw
access-control-allow-origin: https://winkgo.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 364
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 248ms
38ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612811667906&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1637690260362

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.5e99645f.1637690260.f2f3afa
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1674298170132928
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
280 B 167ms
15ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
cf-ray: 6b2c4800acf84a61-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 137 B
811 B 158ms
13ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e8d0cff182f00f9c5c17e079d81f4cf9287e80f7fe19991f9e4b419c02c948b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:40 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d695f596-c7dc-4abc-8e10-7a4ced8dcc48
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://winkgo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
288 B 220ms
71ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4a6f89aa01d37ad481b8629dd2680319ba0a3638d5741358eedc7a1ae85617f2

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 73 B
376 B 167ms
19ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinkgo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=39865225-a7f7-44b6-9bfa-e8f9d7949da0&nocache=1637690260439&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&aus=728x90&divids=mmt-39b45fec-2240-4ac6-853b-f6dc25a31cc7&aucs=&auid=543971540
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 5fa8e72e0598365343040ddbd99c79f3462ba4f20a99922e4e47710297fdcf9f

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://winkgo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 300ms
103ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
811 B 173ms
26ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d623c9f4f722149803a6bc17abefedbe47ac209b16ba75892bbea5fefad223e6

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
326 B 187ms
44ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221375c1ca628192%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296c8c645-23f3-44a4-a297-a52f0bbd8faa%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-23T17%3A57%3A38%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221435caedf6c2e83%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ea80356462a79f1959d3c1dfd508ef003315438f55020515e0b496b60b37e058

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://winkgo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 23 Nov 2021 17:57:40 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
294 B 242ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bT2WDOzV0r64kqaKj0P0Le
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: da36ee89c82b78710fb0f084702424291839bb7541d575088b3fb35e89166c98

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
559 B 443ms
120ms XHR
text/plain 52.22.182.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-182-4.compute-1.amazonaws.com

Software

Resource Hash

f37574c64e736ab8bca86843f13ac85a2c66ffd2979e1e8518cc52bc423458f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 182ms
41ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
221 B 173ms
33ms XHR
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-39b45fec-2240-4ac6-853b-f6dc25a31cc7%22%2C%22callback_id%22%3A%22226768364d79081%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222682005967406571598%22%7D%5D&page_url=https%3A%2F%2Fwinkgo.com%2F&bust=1637690260446&pr=&scrd=1&dnt=false&description=Winkgo%20curates%20the%20best%20viral%20articles%20that%20have%20a%20positive%20message%20and%20showcases%20them%20to%20our%20readers.&title=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 / Show response
hb.emxdgt.com/ 0
154 B 159ms
18ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1637690260446&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
741 B 176ms
38ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 4a648c5670b337c9daad2c9da8b7122bfdca3d71de4c266e7c9dd61c9af28da9

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
41 B 293ms
100ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 23 Nov 2021 17:57:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://winkgo.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 45ms
44ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwinkgo.com%2F&pid=ZgZFOeGBXHMVU&cb=0&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-39b45fec-2240-4ac6-853b-f6dc25a31cc7%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C60283893%2FHF96JM%2FHF96JM-DDH.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: B6WB7H7C0WDQNVJT13T6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 5J9p7rlgMBhonRhLkBZbpNIiMMHtVSinMDHUOXu89zrzQKPZWgTiLA==

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
166 B 286ms
99ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 23 Nov 2021 17:57:39 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://winkgo.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 158ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
220 B 165ms
33ms XHR
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-fc9e96f1-3fff-4635-ad49-6dc60a4d62af%22%2C%22callback_id%22%3A%22378543d835d516c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222682005967406571598%22%7D%5D&page_url=https%3A%2F%2Fwinkgo.com%2F&bust=1637690260455&pr=&scrd=1&dnt=false&description=Winkgo%20curates%20the%20best%20viral%20articles%20that%20have%20a%20positive%20message%20and%20showcases%20them%20to%20our%20readers.&title=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
741 B 188ms
57ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 64103448b57d0ccff0db5d2a5b9b57591f6907ab127a0fe3a57f2635a3a6fac6

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
35 B 155ms
23ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
cf-ray: 6b2c4800acfc4a61-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 145ms
14ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 152ms
22ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 197ms
66ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 72 B
147 B 153ms
24ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinkgo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9c9f8662-5e76-48c4-8440-0a55c336f466&nocache=1637690260457&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-fc9e96f1-3fff-4635-ad49-6dc60a4d62af&aucs=&auid=543971540
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 16cd42bf46837474bfcf3d585ed9d2e005e1eae47686dda2bb113dcbd8b44e1c

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://winkgo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
812 B 156ms
31ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

387de76bb44a10e83a33d3573c953bc8f8bb418da592bd5f19dfafbc1f872369

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:40 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a0af19b0-71af-4520-9ef1-0fee77b29a67
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://winkgo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
559 B 430ms
121ms XHR
text/plain 52.22.182.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-182-4.compute-1.amazonaws.com

Software

Resource Hash

f42bd8439e54c505af3ef0fac4c75baeca7a9a83b49b31a4a4f28bde524598eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
677 B 155ms
27ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f357f652aa8597342be71cde83c1b9a8c0105042ca5b4552b940788185bbc9e8

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 287ms
110ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 205ms
78ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c3ca5cc3779b84d7f25481205ccbddd61d0ec1f0bd62002bccfb9b1a9bb4476d

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 215ms
88ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f876a55ce317507356f5f67d8a6ecc56523c3c3f09fa3c7a37623d395e6c7aae

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 203ms
77ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e98b51db7776fb85fa382fa2f04efaf8902b61e79c644f4d91d0d7d2157d5fcc

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
326 B 174ms
49ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22655064ef946603%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296c8c645-23f3-44a4-a297-a52f0bbd8faa%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-23T17%3A57%3A38%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22666c77be77e91f2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22670f3aca66530b2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226884207bceda7cf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6bfa42c08e8cbbee33dd13fc90fc3ba38ff587028afec2c44e15641a40577108

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://winkgo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 23 Nov 2021 17:57:40 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
155 B 139ms
14ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1637690260461&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
157 B 229ms
103ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bT2WDOzV0r64kqaKj0P0Le
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 87e59d71ba67c1ff3bcd6ae9537316ac500a7b7fed0717e6e7dbc7889c09b307

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 44ms
43ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwinkgo.com%2F&pid=ZgZFOeGBXHMVU&cb=1&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-fc9e96f1-3fff-4635-ad49-6dc60a4d62af%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C60283893%2FHF96JM%2FHF96JM-DDS.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 7NPEKFKDPNSWDA8SGDZV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: am6tMFbpXmoQB6CIg_n0bCou5l_sWqcpYwJFkJAANoT2HbdfFMU18g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 44ms
44ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwinkgo.com%2F&pid=ZgZFOeGBXHMVU&cb=2&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-d4882069-29b9-4c92-a730-5bbe18a8faee%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C60283893%2FHF96JM%2FHF96JM-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 995CD8C8JS0YRKX1Q2EG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7XnxIzZytlBJUQDN0_B4hJG4bUUkb7QE9RHBwTV2c20FKwF5MkM44g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 49ms
48ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwinkgo.com%2F&pid=ZgZFOeGBXHMVU&cb=3&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-19e43e99-17e4-4782-98eb-0a2ced1f5145%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C60283893%2FHF96JM%2FHF96JM-DDS.E%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: H80A3Y9CEE08HY4AP7J8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TMPVdXU_0ZNkRbDsWMBPrU-9HEypuAv_UYMNyhdlxrkbh_0PafK8SA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 44ms
44ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwinkgo.com%2F&pid=ZgZFOeGBXHMVU&cb=4&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-167199e8-4d87-41db-a36f-057bf8ffae85%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C60283893%2FHF96JM%2FHF96JM-DDT.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: PXPCVAVCMR6QKP83SJFW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: R8FUIDdPKfY1RtTipn8xpmoSPLOIw8vTJ9EOWWNOnPYbeN4fNT1iNQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 46ms
46ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwinkgo.com%2F&pid=ZgZFOeGBXHMVU&cb=5&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-2c4a27b7-b7ba-413d-bf53-82ee89a82e94%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C60283893%2FHF96JM%2FHF96JM-DDA.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: B3J1WFP5WC4EKAJ6P5GH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yVp0xfkEQnRGadem2EGrixkYzFkZvEUE8uhErFJyZwb3oXj_6BLxoA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 46ms
46ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwinkgo.com%2F&pid=ZgZFOeGBXHMVU&cb=6&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-1a46fdc2-a423-49ad-b6c0-fbcb224fddb9%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C60283893%2FHF96JM%2FHF96JM-DDR.D%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 3NR5TKRCPPXC03AJQT0J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: aTbgyz2t9V1Du4Px0kaPrY5f9ndfZ0Yh2gdyDXG3MNUTnnvyX85Upg==

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
103 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=s.d&u=39b45fec-2240-4ac6-853b-f6dc25a31cc7
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 8ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=s.d&u=fc9e96f1-3fff-4635-ad49-6dc60a4d62af
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 9ms
8ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=s.d&u=d4882069-29b9-4c92-a730-5bbe18a8faee
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 9ms
8ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=s.d&u=19e43e99-17e4-4782-98eb-0a2ced1f5145
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 9ms
9ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=s.d&u=167199e8-4d87-41db-a36f-057bf8ffae85
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 10ms
9ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=s.d&u=2c4a27b7-b7ba-413d-bf53-82ee89a82e94
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 10ms
10ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=s.d&u=1a46fdc2-a423-49ad-b6c0-fbcb224fddb9
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H3 200 winkgo-logo-final-e1423762835833.png
winkgo.com/wp-content/uploads/2015/02/ 13 KB
13 KB 24ms
24ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winkgo.com/wp-content/uploads/2015/02/winkgo-logo-final-e1423762835833.png

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74dcfa223cc2026109dc555fb51afbc6b0bba578b2a3eb41e8d6a0b1718bbbbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11729
cf-polished: origFmt=png, origSize=24976
x-nginx-cache-status: STALE
x-server-powered-by: Rocket
content-disposition: inline; filename="winkgo-logo-final-e1423762835833.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13318
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Jun 2017 08:15:00 GMT
server: cloudflare
date: Tue, 23 Nov 2021 17:57:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 22 Nov 2022 18:13:25 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b2c4800fd4e702b-FRA
cf-bgj: imgq:85,h2pri

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 80ms
62ms XHR
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.5e99645f.1637690260.f2f3b68
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 5210540309029677
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 7843
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

226ms
202ms

Document
text/html

151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a9e0c5d0659ac7cda02eb26d27b0d5c62cb9f426629ccfee28f6ecd8d306d096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-453253ac42fb77e8017e5987f68efef3' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4191472348076540; frame-ancestors *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-453253ac42fb77e8017e5987f68efef3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4191472348076540; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-453253ac42fb77e8017e5987f68efef3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
x-envoy-upstream-service-time: 96
content-encoding: gzip
referrer-policy: origin
x-pinterest-rid: 4191472348076540
date: Tue, 23 Nov 2021 17:57:41 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a011484
pinterest-version: 6eab8f3

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 116
pinterest-generated-by: coreapp-webapp-prod-0a03dfe2
content-encoding: gzip
pinterest-version: 6eab8f3
referrer-policy: origin
x-pinterest-rid: 5475116224503837
date: Tue, 23 Nov 2021 17:57:40 GMT
akamai-grn: 0.e4247e68.1637690260.46eb74f8
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
559 B 342ms
121ms XHR
text/plain 52.22.182.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-182-4.compute-1.amazonaws.com

Software

Resource Hash

2a21726b782f929e57f2e9111bb223a5cbb85360637896fdcc8ff6956931c044

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 215ms
215ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8d1eb22afbd92b53aecf660a0fc7f9233bd855f687e384f6a6daf9d74e7d95f8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 17190dad-7b1e-4b38-a91d-22696e2c3f33
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://winkgo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 110ms
110ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
327 B 51ms
51ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22814722c29bdba45%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296c8c645-23f3-44a4-a297-a52f0bbd8faa%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-23T17%3A57%3A38%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22820a344aa01cb9b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228387a805957d564%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228494ee0832e403d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 17106df066ab8dc40eeb9326a3fec2b8d5c8133156d2b1307212d8dc42a6acb3

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://winkgo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Tue, 23 Nov 2021 17:57:40 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
220 B 33ms
33ms XHR
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-d4882069-29b9-4c92-a730-5bbe18a8faee%22%2C%22callback_id%22%3A%22864352da09332cd%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222682005967406571598%22%7D%5D&page_url=https%3A%2F%2Fwinkgo.com%2F&bust=1637690260670&pr=&scrd=1&dnt=false&description=Winkgo%20curates%20the%20best%20viral%20articles%20that%20have%20a%20positive%20message%20and%20showcases%20them%20to%20our%20readers.&title=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 104ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bT2WDOzV0r64kqaKj0P0Le
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 58b09d5a19f4eb1a9ca3c0817f1643bda7a1240a40f9886e5817a75c8f0d36f3

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 28ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 84ms
83ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9176471e37e3d6e7879397bed253b3b342ca5a63eea567e7a70b97a2168aa23c

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 87ms
87ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e47ee048a6d1b828730eade4b5007f14d362ead17782121e4e0205c9d1d3880b

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 75ms
75ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 1f385f3708c38ff3f42ba085f985b0a42d1e45b30361da6319e3c262bf713133

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
676 B 31ms
31ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 25761a27938f7b8d23f1672f36fba30a594623322cd9a058416c5b2f1bd262d6

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 17ms
17ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
cf-ray: 6b2c48013ea14a61-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
741 B 76ms
76ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 9e4f6bb659e9fb69286b9f1de467e9755b65ef2cf599c648fbf0f07ab46cac94

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
21 B 93ms
93ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 23 Nov 2021 17:57:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://winkgo.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H3 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 73 B
101 B 31ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinkgo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=92f3a128-5468-45b9-82eb-0b9bcea32726&nocache=1637690260677&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-d4882069-29b9-4c92-a730-5bbe18a8faee&aucs=&auid=543971540
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 02861230820ae5d14cabd05ab5af71cfbb32a9f1daefb898260205665b90d87b

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://winkgo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 17ms
16ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 69ms
68ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 67ms
67ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 / Show response
hb.emxdgt.com/ 0
154 B 17ms
16ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1637690260679&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
150 B 96ms
96ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bT2WDOzV0r64kqaKj0P0Le
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 338aa0236f8241e8f8dbb8f477360de385c3dfb8941e0a95e720b1114bd0cf40

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 74ms
74ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ff8f6e590bbc68aac49cf07c7812d8f85f4a4267a151c7ef40cdc03438aa7587

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 72ms
72ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 54d4b785e8d0ab77bc56c5afe8f33ac41b51bb4cf51a1399e6578250a9284205

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 78ms
78ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d53c8c4c6a873be61370d8106d79af437a87b2ef75a0273b8629fa68f0351853

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
20 B 96ms
95ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 23 Nov 2021 17:57:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://winkgo.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 122ms
121ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 26ms
25ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 63ms
63ms XHR
text/plain 18.185.195.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 / Show response
hb.emxdgt.com/ 0
154 B 14ms
13ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1637690260762&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 11 KB
6 KB 82ms
82ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

09bd3ddd60e1a12a9efbb1340190552cef95bc3992fe5037a1fef81a6fc7fb23

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e7888272-47c6-4462-955e-2e64d1705be0
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://winkgo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
559 B 244ms
120ms XHR
text/plain 52.22.182.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-182-4.compute-1.amazonaws.com

Software

Resource Hash

5f10a73d3fea45884bfecfefbf8fe337f91e04265aef10fec43a91ee977f3b1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 125ms
124ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 18ms
18ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
cf-ray: 6b2c4801c8694a61-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
220 B 33ms
33ms XHR
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-19e43e99-17e4-4782-98eb-0a2ced1f5145%22%2C%22callback_id%22%3A%2214117898115903ed%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222682005967406571598%22%7D%5D&page_url=https%3A%2F%2Fwinkgo.com%2F&bust=1637690260766&pr=&scrd=1&dnt=false&description=Winkgo%20curates%20the%20best%20viral%20articles%20that%20have%20a%20positive%20message%20and%20showcases%20them%20to%20our%20readers.&title=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 19ms
19ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 38 B
328 B 125ms
125ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221460ad188ad920b6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296c8c645-23f3-44a4-a297-a52f0bbd8faa%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-23T17%3A57%3A38%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221473475652a4d56b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221486114c6bf6068c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221498acac1bf5691%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cdb374bacdbdf8f7460ecc0832c30c045e8ba40c2fc79698af6bd157827217ac

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://winkgo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Tue, 23 Nov 2021 17:57:40 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
743 B 36ms
36ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 74b6a41af7246aa18bf2e6e66e2349adbcaedd6b551ef0e11c80532f8a294658

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

GET
H3 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 73 B
101 B 20ms
19ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinkgo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a40d3cb0-03ff-41ba-9a30-51176dd75ff2&nocache=1637690260769&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-19e43e99-17e4-4782-98eb-0a2ced1f5145&aucs=&auid=543971540
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: bd14dbc2942bd971e7cdde22a48151c7dfb1b63b439673330ad783d26f68f2cf

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://winkgo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
677 B 25ms
25ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d992e77ed92a9128261fed97bac167232803c63fa87a20dcbd59ad1e5ee1debd

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=b.r&u=19e43e99-17e4-4782-98eb-0a2ced1f5145&d=%7B%22utm%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 8ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=b.r&u=d4882069-29b9-4c92-a730-5bbe18a8faee&d=%7B%22utm%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1554
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
559 B 489ms
409ms XHR
text/plain 52.22.182.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-182-4.compute-1.amazonaws.com

Software

Resource Hash

29310cbceff398a7f94703bd75cb127867f9184b2c8a67b1582b6825bfde10c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

GET
H3 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 73 B
101 B 22ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinkgo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a7555f41-2d0b-42be-9372-aee4539d2236&nocache=1637690260889&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-167199e8-4d87-41db-a36f-057bf8ffae85&aucs=&auid=543971540
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: d1ce0cd2462e3a8d8e1cac3a1d39ef9e53f8c6cbd70be1edcc25633c7dcf2a1d

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://winkgo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
326 B 78ms
78ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2216484b3f1c53eb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296c8c645-23f3-44a4-a297-a52f0bbd8faa%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-23T17%3A57%3A38%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22165e527b632856aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22166b1786da1d8354%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22167a2f6b7ed528cf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b6517f7c43b6a2db4083f4add21d8999fdf29c2e9e8e81935c15d7298209c2d6

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://winkgo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 23 Nov 2021 17:57:40 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
20 B 92ms
92ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 23 Nov 2021 17:57:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://winkgo.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
969 B 15ms
15ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c338ba162b00c9ceee37891f8086a90c697d528dfb558e15a93346a931149df4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:40 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5cb779e5-9221-4f4d-8792-0f1d7d75d1a7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://winkgo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 17ms
17ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
150 B 100ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bT2WDOzV0r64kqaKj0P0Le
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 26753d248f9d962b5c798450bc07b761409337d98cf358792e19aea1765ba5c4

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
741 B 38ms
38ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 1f10c634618a8a3daef3d917e00c838fadf34f80a11cfd31bc30440e40e77d75

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 70ms
69ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: a81e2baff09ea706a875cace591493330555e8c8c7aa3c703d63aa748cf12641

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 95ms
94ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c3f6386d656937d437f2ad4dd98a41e0d51571b1f83c0889c72f1327bc5cdb4e

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 76ms
76ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 4d6404cad347efa7be24b23affb12c49752375fd2112c9e7cb7f0208815b3b75

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 17ms
17ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
cf-ray: 6b2c48029a8b4a61-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
220 B 33ms
32ms XHR
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-167199e8-4d87-41db-a36f-057bf8ffae85%22%2C%22callback_id%22%3A%22189a05e4c1a52d3b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222682005967406571598%22%7D%5D&page_url=https%3A%2F%2Fwinkgo.com%2F&bust=1637690260897&pr=&scrd=1&dnt=false&description=Winkgo%20curates%20the%20best%20viral%20articles%20that%20have%20a%20positive%20message%20and%20showcases%20them%20to%20our%20readers.&title=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 / Show response
hb.emxdgt.com/ 0
154 B 15ms
14ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1637690260898&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
678 B 35ms
35ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d6c09bfd0f692c0d7b1fe4f83aed1928715c8ecef5e2dc23177d3ab41f56f36

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 105ms
105ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 302ms
302ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=4411498399153226&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDH.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1%26monu%3D728x90_A1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26target_adx_floor%3D0.2%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1637604064&dt=1637690260919&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=208&adks=2874304787&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x216&msz=728x0&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0596121f2d2d72f22a21fc3696c5e81e7bac5a5f711471419b37bc7c68c516db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7479
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 51ms
27ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bab4a816f29f44db701f4b9a117c2010832880d0fc82052e563200fab585bc05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9413
x-xss-protection: 0

GET
H2 200 container.html Show response
7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58CA 6 KB
4 KB 53ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 17:57:40 GMT
expires: Wed, 23 Nov 2022 17:57:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 32ms
30ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 / Show response
hb.emxdgt.com/ 0
154 B 16ms
15ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1637690260929&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
559 B 557ms
516ms XHR
text/plain 52.22.182.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-182-4.compute-1.amazonaws.com

Software

Resource Hash

47db7e173d5403eed3079ea5fc6a270827f1b73eda40a273c18fe3a694e9d01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 106ms
106ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 428 B
978 B 120ms
47ms XHR
application/json 34.249.15.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=gqvfnpyb&pi=2&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwinkgo.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=http%3A%2F%2Fwinkgo.com&ns=10240
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.15.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d57718f4773ec36c8a09303b21530f5d203eb717a69ac38ace2da2f083c3409f

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://winkgo.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 93ms
93ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 23 Nov 2021 17:57:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://winkgo.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
150 B 98ms
97ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bT2WDOzV0r64kqaKj0P0Le
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 628623030d17bc9a6117978e295b14d4a2ef730f8d3eaa61a44af9ea0d9f38e1

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
969 B 28ms
28ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

586e46427d67825f4728232f3065c13151b04a6113cd9d09436c04cb921eccc5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:40 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2ecd77b7-4e8e-4ec6-985f-c94838f75275
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://winkgo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 38 B
328 B 50ms
50ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22215d7b5ce3ed964b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296c8c645-23f3-44a4-a297-a52f0bbd8faa%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-23T17%3A57%3A38%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221664ba36113cb98%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d2c6d1475d2cafd4d38369143edc77f4fdb71aac89c681d613edff41fc333f3e

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://winkgo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Tue, 23 Nov 2021 17:57:40 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
676 B 24ms
24ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87a26f15ce2cb48c61fd2c0f6363d6d8dc808b17e51c31d9f1d226e4566e5462

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 43ms
43ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
cf-ray: 6b2c4802eb454a61-FRA
access-control-allow-headers: Content-Type, Origin

GET
H3 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 73 B
101 B 27ms
26ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinkgo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=01546b24-fd0e-42b4-8cce-20e9633b1c8f&nocache=1637690260938&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&aus=728x90&divids=mmt-2c4a27b7-b7ba-413d-bf53-82ee89a82e94&aucs=&auid=543971540
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: be3174de0973fdcb903878e97a527ab233143921e4aac848eac78ddd618d3d08

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://winkgo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
117 B 69ms
69ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: fba04bebaba1723f824589fce04970620255ade79b41d23f46850b8fa1ca5427

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
743 B 32ms
31ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 6d7aea0f6344b19d8fc9aa182d385315e1d9956bbf0e2bc8cf0a80b66f1689b4

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
220 B 33ms
32ms XHR
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-2c4a27b7-b7ba-413d-bf53-82ee89a82e94%22%2C%22callback_id%22%3A%222283022fc2d30cbe%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222682005967406571598%22%7D%5D&page_url=https%3A%2F%2Fwinkgo.com%2F&bust=1637690260939&pr=&scrd=1&dnt=false&description=Winkgo%20curates%20the%20best%20viral%20articles%20that%20have%20a%20positive%20message%20and%20showcases%20them%20to%20our%20readers.&title=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
pragma: no-cache
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 269ms
269ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=3192592995694866&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDS.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D1%26monu%3D300x250-160x600-300x600_A1%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1637604064&dt=1637690260943&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=1566&adks=1088147552&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x620&msz=320x620&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6c2d03a0466905c577e4c26486bff06cd05fdf35ba9b1fae2cd9c475af61e2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7858
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 23 Nov 2021 17:57:41 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 94ms
93ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Tue, 23 Nov 2021 17:57:40 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://winkgo.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
980 B 108ms
108ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H/1.1 200
OK prebid_display Show response
display.bfmio.com/ 138 B
559 B 120ms
120ms XHR
text/plain 52.22.182.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.182.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-182-4.compute-1.amazonaws.com

Software

Resource Hash

4d42182e17c4442c45a80526d41f47cb9421205525555b039f4bf739075d4dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding, User-Agent
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
743 B 41ms
40ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 2e44c2f4e3b0aac4787bad4cb59f788a4771d900c1c9dd34eae7498d4780c415

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Nov 2021 17:57:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://winkgo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 38 B
328 B 167ms
166ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22240ad3d3bfe690ba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwinkgo.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2296c8c645-23f3-44a4-a297-a52f0bbd8faa%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-11-23T17%3A57%3A38%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222412e1c87983f397%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2224216a6cb2b0e6da%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242369%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22243bdd5190ade93c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22242368%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 492025f252d2b75327f81a5a3764335325a8850e5c7632fc640d42786c4d7a3e

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[213.239.209.3], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://winkgo.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 38
x-ak-client-geo: 12
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 79ms
79ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_160x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: aac95e1d716113321b2b71ceaeb2a5f2687da7644680edb0c8629a9955ea6e53

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 80ms
80ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3b3dc086bc1f3a0f7fa0616b32e3ac33967c07d06803c9bd628c409dd4497e88

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 74ms
74ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695e3017777b66e76bb0bf4430142&pos=winkgo.com_desktop_atf_300x600&cmd=bid&req=https%3A%2F%2Fwinkgo.com%2F&req(url)=https%3A%2F%2Fwinkgo.com%2F&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 6c18e92fb2fe9ee65556d3508c971c51023e2e5f51b70d3910046b9488049373

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
56 B 17ms
17ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
220 B 33ms
32ms XHR
text/plain 34.254.8.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-1a46fdc2-a423-49ad-b6c0-fbcb224fddb9%22%2C%22callback_id%22%3A%22253afdc976bf7a2c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222682005967406571598%22%7D%5D&page_url=https%3A%2F%2Fwinkgo.com%2F&bust=1637690261016&pr=&scrd=1&dnt=false&description=Winkgo%20curates%20the%20best%20viral%20articles%20that%20have%20a%20positive%20message%20and%20showcases%20them%20to%20our%20readers.&title=Winkgo%20-%20Inspirational%20Quotes%2C%20Memes%2C%20and%20Stories%20that%20Make%20You%20Feel%20Good&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22f1941660-e74d-49b3-b265-5d8e96eedd3e%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.8.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-8-42.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 / Show response
hb.emxdgt.com/ 0
154 B 99ms
99ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1637690261016&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://winkgo.com
date: Tue, 23 Nov 2021 17:57:41 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
59 B 20ms
20ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
cf-ray: 6b2c48035c6b4a61-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 67 B
159 B 101ms
101ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bT2WDOzV0r64kqaKj0P0Le
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 1f412e81137554ae350dc45cdc1066664cf1cf6b3084630e374e33bbfebe3ce4

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
677 B 32ms
32ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3dccf55b20a4495631f4edc00c62c491e882a39cbed906ea262fd24b3dd17a5f

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H3 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 73 B
101 B 23ms
23ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwinkgo.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c43d2a69-9f17-4deb-afa8-51f3e14d1faa&nocache=1637690261019&schain=1.0%2C1!monumetric.com%2Cf1941660-e74d-49b3-b265-5d8e96eedd3e%2C1%2C%2C%2C&aus=300x250%2C160x600%2C300x600&divids=mmt-1a46fdc2-a423-49ad-b6c0-fbcb224fddb9&aucs=&auid=543971540
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 9c7a10535a4a880b00a50201697c31404dfc16ba68ef15fc3fbc93a9a6e7c6d1

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://winkgo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
969 B 14ms
14ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e0b8902e5e101a6022450ff50d7b55f3b519c7ef17ee0fedd03e75201b37bea9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://winkgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4a83b80a-9961-441a-ab67-f38d9fb52bef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://winkgo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
19 KB 290ms
290ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=871221073162118&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDS.E&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D5%26monu%3D300x250-160x600-300x600_A5%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Df773b7e4-17f6-435c-9fbf-defbd098c0c9%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D27049c56e823ea2%26hb_bidder%3DappnexusAst%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1637604064&dt=1637690261028&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=1062&adys=5248&adks=3781878129&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x620&msz=320x620&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0ae60eba744f8b4ed8759131f555b77df7a664d8ec5b246dca3522654519793b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19083
x-xss-protection: 0
google-lineitem-id: 5528971813
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138329827559
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 306ms
305ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=2871589899878472&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3Db19bf8b5-dd16-433b-b36a-e4a0baca0b86%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D300x600%26hb_adid%3D27121078a6c43909%26hb_bidder%3DappnexusAst%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1637604064&dt=1637690261037&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=3827&adks=1737013403&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x620&msz=320x620&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9b8de3bfb9696c6fba00333584d72dd9f51a1f8ff81a7e85f78e1f4435a4fa6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18831
x-xss-protection: 0
google-lineitem-id: 5528971813
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138330202801
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1775 12 KB
5 KB 25ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 23 Nov 2021 16:54:07 GMT
expires: Wed, 23 Nov 2022 16:54:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B52C 783 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab2819e31d09f6ba3b7ff59255ea9b7af5ab7e81292f76100ab90c522054e642

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RMO3XSENgQkuuaduUxTAZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 23 Nov 2021 17:57:41 GMT
date: Tue, 23 Nov 2021 17:57:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RMO3XSENgQkuuaduUxTAZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 services Show response
g2.gumgum.com/zones/gqvfnpyb/ 328 B
589 B 42ms
42ms XHR
application/json 34.249.15.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/gqvfnpyb/services?dp=https%3A%2F%2Fwinkgo.com%2F&pu=https%3A%2F%2Fwinkgo.com%2F&ogu=http%3A%2F%2Fwinkgo.com&rf=&r=3.86.0&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.86.0%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=614d3dd9c296405d0746fdcaf6e253af4c86a77a&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1637690261060&to=0&vpii=false&vph=1200&vpw=1600&productIds=1%2C5
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.15.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-15-20.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 93ab5c996638f389bca49f7a3fe2eadf1aeddbf865fe7e660930d0c5036a8c51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
server: nginx
etag: W/"037a0b20dc361e06664b172f678d64e92"
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://winkgo.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1775 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 11:17:06 GMT

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 7843 0
3 KB 133ms
133ms Other
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=4191472348076540

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-877d5a01d7dafb8e37f793fcfa587917' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1399511824064566; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a03abf2
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-877d5a01d7dafb8e37f793fcfa587917' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 28
x-pinterest-rid: 1399511824064566
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 23 Nov 2021 17:57:41 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: 6eab8f3
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-877d5a01d7dafb8e37f793fcfa587917' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1399511824064566; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 7843 0
3 KB 141ms
140ms Other
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-33a3e9c0b096546c33c19f5c9b905860' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1390739793381832; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a038fed
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-33a3e9c0b096546c33c19f5c9b905860' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 32
x-pinterest-rid: 1390739793381832
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 23 Nov 2021 17:57:41 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: 6eab8f3
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-33a3e9c0b096546c33c19f5c9b905860' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1390739793381832; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 7843 0
3 KB 132ms
131ms Other
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-b030796b2f653cc9e21314f5f1c6c3c8' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1107549397833214; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a03b409
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-b030796b2f653cc9e21314f5f1c6c3c8' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 35
x-pinterest-rid: 1107549397833214
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Tue, 23 Nov 2021 17:57:41 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: 6eab8f3
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-b030796b2f653cc9e21314f5f1c6c3c8' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1107549397833214; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B52C 0
0 44ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2671688122751363&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 279ms
279ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=4361155919960760&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDR.D&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D4%26monu%3D300x250-160x600-300x600_A4%26directDeals%3Dsticky_pillar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26amznbid%3D2%26amznp%3D2%26tynt_pillar%3Dtrue%26tynt_id%3Dbjo8DgCjCr64bBaKlKyvbs%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie_enabled=1&bc=31&abxe=1&lmt=1637604064&dt=1637690261194&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=-300&adys=1196&adks=1740942225&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

df4463692c5e298ae03fa58f738d8518264061fc24921636eb82070a3578843e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7555
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD11 6 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 17:57:40 GMT
expires: Wed, 23 Nov 2022 17:57:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
103 B 11ms
10ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-fc9e96f1-3fff-4635-ad49-6dc60a4d62af&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22HF96JM-DDS.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761245653%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1555
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H3 200 container.html Show response
7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7648 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 17:57:40 GMT
expires: Wed, 23 Nov 2022 17:57:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-39b45fec-2240-4ac6-853b-f6dc25a31cc7&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.20%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22HF96JM-DDH.A%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761663483%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1555
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5A52 624 B
975 B 55ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYn-KUuwEwAQ&v=APEucNXA0vJglp_SG7PaRUL7ymdKQN44J55mKAPvImyd0wqt16cd3VKD8mW4bePneWQ7A_Nxp8io5wgsXOj3OQcNBdmExf_IMkVkia7oywAlqjELRuQ0cb87_JXO_tR2Awmg-RFYr0zpor5y0IY7s6dAsZa1WnxkhySSLBRq21VLz2YTJ2lRBPU

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Nov 2021 17:57:41 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BD11 73 KB
31 KB 76ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Al3KqIKg8UletzcrKe8d8SB-vmAjPdqix1eXDXkG5KjtO-MfqwdXnEZVgZW4G1DdefgC9AbVHGejn95oByMGmsLdVQFzeS626-f_pTBOy4qH9Mw8q1tX99VuYRPS7IKlhUTSOr1jhpVcw4NBSEDA2Xmjy_KA&dbm_d=AKAmf-DlbespRBoO7B1TodEbeegxz3ENoG-zo7cwhrsmI-KdQUq69u7xQYuD0jkdhsLZ5cNoUvuANSbWxrAYAoeF_KgCi1nPy5rXod420G_SBN3bFXsKB06KoGdYr5c7a-EOGzYJR3vxiI4tE7P95C6Sy5SF2ZgOSfpTmgzBkkUrIjqcQlA4McAu7azd6PM602zV_IJlDxCxzMZj4OeexdSWGK7NE5akMlbGtx8TMuRspuL0mCbvexOipGi8uqYQW3n3lqsE3H-SI7Jt9xqW2wELr-MqM3uWtplJ3kfZbjSUXyySQmMjAqz0zbAXtZ9VY0nXT16U_V_MW5I0Xwckdd8kK2qhBJt5vgkfrd7ucwXbk1ZW_BqlPCthGJ2PYhPx8evy48sqpC_SZ0W6_ngAOfKnlrzrIpNCTEeDrZwasL7rIy770Pv9ibVxTXb-p2zQWIfciEeRHYGpH5OcxjmSTgWmcXJ9fyyShJV47sZTO_HFizrMmW8Ha9yIGPHgvdgcvcOsvWBCwoYQrezQItIWK0UEig_DgDyLdLi9FKFfKB_6plKhXJAmtXZ2wMPLIM1EVHSy3Yx6XEPjh_FxhX0oXbLI-mP2NID2r38CWgKXrMZQEVGbEUBPAR87RyL0foh_qlYl7haR1I4CdGHAza-akVI9YG3n59JyqLueA2Dz47f6V5yDQ-dSmHcRNdwmVCLkGTkkkwl_eOmTMm87MlCqUncmmXjEpzAiDrSvR3rGSFTm-uidEtH91Wh4q45YHPcwcekzSLMxleO-AjKP4s9JnIAvJHDiNGSrhyFq7frhfUCzoLBhu93aALwmC0cacPOzNMG70cr0YKKTpfuvcMhwtlVVLzMLrpAstvjyi3xtlrnoszKQelYJA8MDf03fzRATeFYcjnzvonjMRSWeUoD9kRGXUzJYf95H9ND27mt1zxzwCc9rFd30n8yW2KalU9ItAVHapLPadMQXPYWPxFGc-Gdw2SzFwNEp4VamULIuvkCV-1nDrKzrttlp3BpKpCaADUJHQuCgpGEI83PBe8p0hHKFv_DdArnAVn2WBb1KWM9W1nrz1Ri7Okqfo4KgGODO8DDkgTGd3V-N0bABa5Ze8sIHJbngt0losX4PJShKIncuKjalKyN-rTnQUac9dcJ1hLatBuem_a0K5E7ohFCdVUOaL54UIthh1CqyylEDjrE1Zr0-55FlIuxpw1Fc9RFpyHEif-CC4_m8IeiZyGLIyNbLWXhiXZTdouW_kTsuvtTInk-8ifRxZcNoc3umns0UpOjHATsSVlQmiMYcSNcAhI87_WVprK7H7saiuzroxXlAJP7REFzHGhZAbjKQjITBGAaNSVuB_UcUPAmXZxPl2_M5DbCif1LVghRhkUxc6zsWz1yHnNBQfMx8_zYMDWlM__ZOjKlIsKxEHpRxRqy8xc5iTbpEsppn29Ftdznj9XDuUNxTo_LgeEYI6bNJno1idzqx1iaIjhHLPK7vjgPStqbg2-QZ5pcX6RahuSVMZaznutGwjPXYYgfWULWCYNvREiTDn2tst2WI0wZiaLiREltIOaG3Ts-UQFlb-V-GvON0ld6f8lqa_V0Caqfox3M81HkGllmF_YYjCV8kRACPmcRhEDoux9pSn8jCYXythX7wlaAa0A42lA_tpBo-ktmQoTsRrCueHvns07axniRIfnGAtomN4GluXPxdBP8DV0BEPAwypKBgXpyn9v_GavzvfNQTxdenFAylMx82SH8mGU2v1eFymRhYJ_TRW6X0nyZnzMhtFpyoNkGKdKH7CZxBxOwU2583vcVzKGS6clTkMvyVS00yfqPpiU2Dtw84EsqtH3MqksKN-JPiKIFLnWAZNYSziYSoBnUgDqydHZs6oBMj0uZJdFc7So5fb--hmkSn7dinL9g5QoLwbwYV_rwHSW7j0CgsPzIezoRBjpyM9jHwTi_qu0jyZO3alfCCir9LRNDKvl6Si-YOZSeW0ww2nYA3pt4tmKysgd57CAQuVNRLGuezOdeSzsUJr4nf4JiX_-LT5xnItxy0NL4d-tBnMs24OFX2rA2GC8-x7nZTbg1_PrDbbUkxBuoL-IzMk2rTDjR0X9zsiksFY7CftB0Rfh5-z-oJ3S1dXo6Uex91ZrWpnLAiWn7aVs90Z5-PawgeRGud0lYeylN12xNtxtGvfWS7fWLRCb3qD9CUH6eDdGHbYXN1GRm7vC4YtPAAT98CcRk6VZ0Yqt8OJtAejkQoLkyMfmA36LIujR1p6NGLVDikXznQ77leuWSmaC0SN3rfaXSLL_VSoFgcTSu4Fx3I4EFgBF6L1XKHArrJLTvCaFq6tumdse_G_uZ5eF_1rJG7Fr7zWzei3a40D1iIBCTRInf1fGVeeOpP6QOoXfu7vPq1JqLnd2WmpjKD2CK5lTJ0rR6FpnIVnPMxebNM_YMzBHHaJNSqwi_8EVVJu3Wihh8fainiZGfaU7QtfhxZmrUIuU4p8BF_uSAfNEaV4mObskkuadVmiVr_Pe-ALrm-Ty9WIBqAUCwElgxagHBIORBQ2Qf9832M4HBG-kCQkmhViqc8fzVFvex8lLqcJtHeQayT0z3ogYYbYIXg_gB929r201nVYsCHjRDM3qv9uK2ME3pB9EwjaT2RcJsmcGwkmGrtM_3hgNINJQ47tsa59ImNMiXuXCS7qvqPaat7c13fmpAC5dE_6zzc3eCJubRwOx96nfoNd2YRO9buCFr2AGXEG9dvh4yv331DjJ9OS7H1Y9Y1tqdE4yeReP8Gyy0JlW5fM9leULPRUQ_RbjQKhbrpVdyFzsHyOQjlktdBUJLPUgVKZh1uW5rrSxOxZPF18RPP4sZIHq8g0aXMBplXJ-R2XTodF_usyZjc9s1dPORz8P4hikW2WtdWBo4v1TI3fkwZT1ngHPK4ubsZXKShrsgMy80Ac7Qu8UQ54vz8ATVp0O6ovSlB5hkvlQy8m8ls9VL6c1ZM-v95-l0cwbNk0n7zuWy1FAjQupsPTOIZ3_Vcqkywl_v7HBNFK6C-aMjLKnqgyk3s3p1mqMUowuFPd2Ua_g_r5V1P8-TqsGqWpP_NOGpcNyFnGiODaBvJj9zhovwvgar_jUfl4QtyVfp4hRoR68zp4r2ONwUjyk_T27aa6Gog2m7Hayhmcv54HEFp1q6pl_Qh08Iti0Xowz4GMLszePyD0G3s5Uvh-mdMfCVo3mkmaL3tq_NAmlWBhKz5zUvGboQgxJRsjdGahrbruDej7FvwH4saBLE&cid=CAASFeRoJCpWJvuDgbeld1sVnqGXHM75hw&rfl=1%2Chttps%253A%252F%252Fwinkgo.com%252F%240

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a36782e501fddba98682046fb2197d9bfd49afc0f934629d5503b57756d6cdb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD11 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BKC_GrBQJAAjo7PvNRLKgXeLaJu68aw6ZmkUtjIkj2bfkUgRNQUYKdIX3HxslrjhUt4kvJropvCd-wpYKUxPTw3NUvKr7O4tOSh3zMnDRXP1ly4VU

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BD11 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD11 119 KB
37 KB 85ms
61ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BD11 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:52 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame BD11 68 B
345 B 59ms
12ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31fl6v4frd&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDYwMjgzODkzL0hGOTZKTS9IRjk2Sk0tRERTLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWZjOWU5NmYxLTNmZmYtNDYzNS1hZDQ5LTZkYzYwYTRkNjJhZiJ9fQ%3D%3D&sb=undefined&cb=6582439&h=winkgo.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9314 624 B
297 B 36ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNU1018MTcNy7JHTx4iau9yUvGUJb0RDP8rT4XEOFUf_Jc6OPPJnkS3xMsupO6u0tOTGhFjkDa_eqjwG2vi5KjMBT1JqdvLBnD4JKwQ4AjLPKLkc4MO6gD15ppoKLqX1926OLyw-5odgEqKJ_WPxOo33IsX6vsRpb7YXhu7Yg240kzs8VFg

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Nov 2021 17:57:41 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7648 72 KB
30 KB 65ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BgBXA7tVGLBx0I3a2ZrSVvN2QbAn4GLyg5gzrOY3_kYbfuNGI73MgFlmKy4eZHbgd_yoWourfYHC5PiEOkGQU677Y4yCEMerA4I_svwGKySqDlpRfYqg4Sx9QqxqSD0vTaR5yMICHL7kbObhn9lI8aUzN4tg&dbm_d=AKAmf-BS1Bu6zeVJjL8dc5CruVXmNfUfXaZD-oDztT4dvene_P8EOuqjevnBjMeGSoJ5r6368e1_f3jrj7Fl9ZEDgkgxqz6mwJhQgiQneDtrsa0ycGghWiFz3SfVlPvnOfCk8c6TCrgGBaiPLzI0U8ZsezmX3CBjmOBuv3SCJH0if9XbmX3ejJplOSHKz3DS0Vf2WzALObgIfb0Sc_dHdU436hoVMkfBO8Y1EU8OiDisjxG75_kWyzDn6jLvqfxwOtaqJaZcr6OQ-AX0VfRCzonqvjAfNTf4_swaj1UVDONsCIKJDUZg7Kv4UeYAzAPIiZ_TRCmZ2CvEnx3pmPnpK9CEIxXmdyHo3lDpbZHvkSdWXdyowT8s5nNXNiYRZahB_U4zgtKls4wWMEwSjXyGcM_XFGhk-EfWCGggAeL9dSXhJaJfkccuydHp2vlDSQP_wGf10yToe9xv_pYlmczoAjeNG5B3sI1AeR0X0Wfv-_2NZaOjhtkIdM_ZURHzu_eKfB180s-zOqUzy6WvJPpFUJ-jzQHnexa5K_oX1ejR1tEmx_JUw3OyTnMltLHSPzsLaod8XXJOfUiZxjtaeD30aH8UXiqT9MgwCCHmS2ukKb8iXDG7kiMmQ9WAKl26SC5rCa7EGlVcyaRVJ8pU8PUAquRibuH_iZt0VktkCBYR_OgfrJUxfD9J7jO8BzARc40S5gdYjmYS_BexI818zTBKjQgei86GPArfLTjNY0Zpf-3dpSaYteNpS0kzJuVMsGxyA2rROs9hNwHGOcD9S3OtdiOHrBOraG_hGzwmrhUdPKGs8L6od1ZjgPw2e_RATEbwLYYBQvlxD-gTqvBX4OAQ9t7pIOqpIf1Gu-6yarV5ozA8xd9sAbUl3uSNbNo-p1uxnom_E4hRiclnK7AB85q3wUtTQt_UfHTSoXXVEvCgqKROOsYkDWW49E1gV5C7kycuzFoWsREik7AJ3V-v1E-Z9m0l7ej1Ce0yPKksbSXaamTYWzX9BYLwdBKYJl8RV3vJxBTtXIJC9QTbRL057IKiFuePg-KkO-2WeWB-M9SVszOZigxZohwa1WOvu8K9NYwVISveHuKp7CRxhhC-Qe-FQSguXUxp0kqvmkQLcb133KbBeZUiIhdNyAxbqeRgcISlTVA4tOrQJW4be-hPR1wP3UqciMGnkhA_bdgtzlgnJ0vTx3KqURvNpGAaqyshGBMH_K1LgFAyipWkXUELAszTEyUx1q3AsKRaIutvQ-r05wyqGRMamwnD4WpFxE5yDT88O63mKONoa52e1kcUBy9w9_Pn2vA5_y4PImkGpfZEh06q-KEtkjaPPOyFaOnfAmg2kZdRBYHgPIqQ7NugwNluoD9DbzW4YRMl3p0j7UCaqzaUBrJEzC0r0vOuaqk20KFJYXjGba3S6JhMFzqrw4-TqHmUS-M0eV07IZuGVMJ_WXS_XVaeolTtGGnGRFM2pWVYxnz6s2Sns7Hz2IT2H02-w8xyf_VrZ6zrhDwWtItXDWTf0Dlh7FhNz-sJI5szrNxqjwCqJlw6gqIfJiZNVZkGv5BK4rojElCjFsN-bOWG-xgaJzyh917L7_T5wysZ9WtlGdpbOvnmCkkSe4D7rkjzaK8-bvMHvQeFVU0ImQNv-Mz7ypIVDV4U8FyxFb89818_dxKOWC7xEyC_okWxFFi-opZEXhdXDrO-J3llLNgly3atGt1VQTkXB8vVp5MoI80jfVvA-oktSopjXi8eiQnpWq4nMArFlg5GU517gr2PDvfOolzezKZP9l7igbjbd2KQPvjoTdNM__MPmvX7SvCb78PIrnmxSYq4I5GwNHvCXbIT3ZApLGc4CEuOOgToeWUB-tdWwvfyIASIICJU56nfxxKp-MSHJJFp9oFD0ShXN0aAkV_iqDrEUWmP-DDu1eyOxI_Qc0xEuoNbOJBE2YblyQXEEyrr0VTnUhWQjItAZ-SKRBHP-Pqn1x9YZo-ZhJZrT972OfssKdn1nUIVQ_LCGkeIh36dtVhSrkPUzTGmgVrrWS42xYNE1HfAVLASrB-U24-PoWLavWts_ICI15MkYH8HZ6PJHM57tCGoyHM8CYWWzSm-0mOfyxZXyO1l8H06o7nkMHp_sVEE2nl5ZU2XlTwPCnK9GkNiP1Vf0oiIFzIk0njwT7GaZMHgAZzuy9mGGauTsz7a5dwdtVHNHngZfdV7AeTayVL2c-yNa3ib6bJLOYtRiBfIeNOtwgfyNQH-ZCMT2r71WxGOxkUtuM8nq8UICVtn505U__ScsmcQy2q450zVNNLAZKDi6jVEPoyz5JrV6q0u8qL4ZHcpf6-44AFHmit3kYjcm-TPoD06hCPUnazvOafUTkEjFLGvfC-kwsLtu0JTPgXHnTHY_zxURl3vJ-1xFpRy1SwAKVkylk0EE7EY9aeRPkpVwRvywi1ftAHFxzKVtDKo9SdF1SqWRwEue3Xayna6TJlS0vvi7PmIgKegab__7bRqOwrIk46z9WeD4MLC5iouMWE6FgNPRTtQ0tVA2jfIS1Je-p8p_jN-jUEXGx9dkPOZoC9thrNJCVThs7Jo0n2DaSrxJKnWG_Xym6QkcUrc_gi9TF_w5BnLGcHBAHEhZkRiyrDhTggTKqEIj7sJzdwXpHbwnlNQ0rKHOc4qCbqKO3G9PtYzg6xWxnDbjP8OvywELXbkJDNAMZfP1Iql4ca6X9aTSdE4600m-m_ue5NpYCMUaiuqTQnvECn6d6WcVA-j5QpAom0hXYjJ2BJAiogh9HFHI-xq0Rim_NmO5Cc9lg1HPqilcxdy8bkJDa5INLiG703FYxBA2no8IAfdW8zLm2jHs7CsHqmCR8MiwrVP_lOdv-JhHsGWWczN-qxVCqQLtleGdVa9ow1sHKRrtlCqqgD_Z66qXPruSsBVZjXTMas9A83Je4awHjwK2_83z3mWsMMhLMalYGKOOrGqRG5X8BZhBczeMO8Dmw9HVQQdC4PJ7BeQheGJDQ-WHdlKlNIJhG4EWGzu_fetdKI74l1dZtQbpk-N9J5mZpVNGa-lKrhVmNAVTWumF1ieOB4g7OO0oH60PDVUM2fTdWRXzMltQ2L3rEzpbN75QZi5vNAPRWRtTYVSuL0U1LBHGZ7Was_6b98BccAZOJevvlN0dbg7jkr5allvtTlFU127W3jXLfzdrVF2K12eup2ufO7UlnKozM81wY9Xbyb9hTJXEAIazFGa2ur5skgQNsNDBAM2TiwCJB6sd0WizOkT7Y1N6bQHzATe7I1UFbXfh6u1e53i&cid=CAASFeRoDfHAhYFXkAWqVJNlDwzrSvPPdg&rfl=1%2Chttps%253A%252F%252Fwinkgo.com%252F%240

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca9bea1bda0b219fd691a15df69bc33ee69739ed484dd80627027382ed225a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30900
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7648 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ag5hRMvkQd3H5JP9WNJZmY6MBgwPmQukuYLVuVxPKHle0_BC4geJljtms6HzH0iu1T1x50Wr9Tly1EwgKQivL-A33mWSe9fSb7xDhKmoAKiZKaloI

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7648 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7648 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7648 119 KB
36 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 7648 68 B
345 B 11ms
11ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fl6v4ftg&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDYwMjgzODkzL0hGOTZKTS9IRjk2Sk0tRERILkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTM5YjQ1ZmVjLTIyNDAtNGFjNi04NTNiLWY2ZGMyNWEzMWNjNyJ9fQ%3D%3D&sb=undefined&cb=2859056&h=winkgo.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA97 0
0 45ms
45ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkq63U8aZTpi94M4-vJQxpXssYy2xhym0dnMp7QEI1UIKERCSS33tVntGM3u1qWi3Pa3CSjx4TUi5QiDjtTQrxAiLXYtKunZaKvljznJ0NZDqiw9uCltrLriMEjJRoU-EIqU4M-rLst8Q6h4nzL98K4oU_2o8oTeM42lE_l_s649fiJwBUsIYcjUkZicNFK_AHlPO-puVgJ_2tbIVytiukvXYBMWxkfZ_Ihtt2ifFyJe5LhcFV3wWUP7To5YM8KDpw3gNZvIKO2YJLvpJdSgEC0o9c6IDF1qRzJtXGHFEeAByXdnOoxcyQInCh4KYXntATi5YAutW4KA&sai=AMfl-YTgaUls3Ny1HCOlXQufCvi1gBmYjst8ZaPKYi4xe49WBw2IiJ-vu1ibJkkkkHtjeYgQ_Bvwptm-ZfT8AbsQkdd9hFcoasyk5G140bhruvi8zCRtd7oPNicF5L7zbAo&sig=Cg0ArKJSzGMFwzm5IHmSEAE&uach_m=[UACH]&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame CA97 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:56:51 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame CA97 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA97 119 KB
36 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H3 200 5276211704115873767
tpc.googlesyndication.com/simgad/ Frame CA97 56 KB
56 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5276211704115873767

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

520b0b93ff1616d86b726e866e24ec9a7d93fd31bdefeaf50c23de030b8f3aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:00:38 GMT
x-content-type-options: nosniff
age: 525423
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57205
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:39:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 16:00:38 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-19e43e99-17e4-4782-98eb-0a2ced1f5145&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3A%22%22%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22appnexusAst%22%2C%22monu_df%22%3A%220.00%22%2C%22ipin%22%3A%22HF96JM-DDS.E%22%2C%22auctionId%22%3A%22f773b7e4-17f6-435c-9fbf-defbd098c0c9%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A4410468141%2C%22sourceAgnosticLineItemId%22%3A5528971813%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22appnexusAst%22%2C%22cpm%22%3A0.000015%2C%22size%22%3A%22300x250%22%2C%22timeToRespond%22%3A86%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1555
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1895 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWd4Pn3dj76kOcoJzS-59xiyxo1MlxtZg0Udbl2mmq4i2rUFGbmboCVJTkh6Q1JsKutsoFzR_l3gj7iMmWTpKyAAJq8lT36FebJtpyiM522-UCQTV5l4ZGe-eoUZ1h1S-OydmfGnD5SEpi46_8V8RTMY2JC2Y8jaYPjXaxPUZkhZ_Kmw5FNSSO6g5mhmGNoEssMtHMxHfVAY5zzc1jSVP14c-I2DIxuTYNFkBfQ25as5YXuqoNOD4PdlwolLaRv-muLgZKcMKZk9doAPGpceL5Fl0Po6p7jALY11FMPXEcEouHw7iZVq2X_q5AEZ1vb_4sqwgIhLLbhg&sai=AMfl-YQS2armSCl5ffdc71ASi9yiM2Mjc5cPpQSJudkoRSVZrhoaWC-xVdHPxQu2EWueB4NpJZCayqltFWPHWsGWK1OHr7pBMfzaBC8Eigtmo36_66OkBu2gq0Pr4mmxnps3&sig=Cg0ArKJSzEoOb9psajvdEAE&uach_m=[UACH]&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1895 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:56:51 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1895 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1895 119 KB
36 KB 69ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1895 0
0 50ms
20ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtW4iq6loMMLipaQ3kxxCb1qJUfNzqj9STdT1itm3SfwXRcvYH7p5StFTmP8XELTn4PJ3jj4e7yNDi0RleNalsdJDSXg
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 14600619953017912850
tpc.googlesyndication.com/simgad/ Frame 1895 41 KB
41 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14600619953017912850

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bd9217e97e5bdca98b4f057f7093a73995b2b970e3d2ad4dfdcea4a6b045b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:27:40 GMT
x-content-type-options: nosniff
age: 541801
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41815
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 19:40:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:27:40 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-d4882069-29b9-4c92-a730-5bbe18a8faee&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22appnexusAst%22%2C%22monu_df%22%3A%220.00%22%2C%22ipin%22%3A%22HF96JM-DDS.B%22%2C%22auctionId%22%3A%22b19bf8b5-dd16-433b-b36a-e4a0baca0b86%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A4410468141%2C%22sourceAgnosticLineItemId%22%3A5528971813%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22appnexusAst%22%2C%22cpm%22%3A0.000015%2C%22size%22%3A%22300x600%22%2C%22timeToRespond%22%3A218%7D%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1555
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 319ms
318ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=49501222263347&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDT.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&prev_scp=pos%3D3%26monu%3D300x250-160x600-300x600_B3%26directDeals%3Dsticky_sidebar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26target_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3Df4c10f84665959ae-22113367f6cb00be%3AT%3D1637690261%3AS%3DALNI_MZOV8wGZA2HsSpyGLysaRHi9DQiJA&bc=31&abxe=1&lmt=1637604064&dt=1637690261475&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=6413&adks=1965279838&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x620&msz=320x620&psts=AGkb-H9eqGVvDMAk0x0-fNgZ00AhwkL6pQCCvCTPCSP6JjoIKQTZ3uMAbcza-C34JDz2evym6gGy60cruPOtpoT8Kho%2CAGkb-H_apoM3kbnD5fFVVNr6Fhg6WGM_368-7MDJBN2vggYiRJl5swUbt5IDDioXZe0umsxz-sI7T6-Rv45IyCViuog&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6a5ececcb07ee4d2f3edaf096ad41bf3a6e29c76f9a0b3cc8916f3a82b8950df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11558
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4D5 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 17:57:40 GMT
expires: Wed, 23 Nov 2022 17:57:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-1a46fdc2-a423-49ad-b6c0-fbcb224fddb9&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22HF96JM-DDR.D%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761908843%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1555
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 363ms
363ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=3530934378875566&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDA.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D2%26monu%3D728x90_A2%26directDeals%3Dsticky_bottom%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26target_adx_floor%3D0.2%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D77a44e43919a5074-22eda1aef6cb00ee%3AT%3D1637690261%3AS%3DALNI_MZ5KhSsfaNci4vpdUQcK70gW0NsVQ&bc=31&abxe=1&lmt=1637604064&dt=1637690261533&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1192&adks=4248062349&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9eqGVvDMAk0x0-fNgZ00AhwkL6pQCCvCTPCSP6JjoIKQTZ3uMAbcza-C34JDz2evym6gGy60cruPOtpoT8Kho%2CAGkb-H_apoM3kbnD5fFVVNr6Fhg6WGM_368-7MDJBN2vggYiRJl5swUbt5IDDioXZe0umsxz-sI7T6-Rv45IyCViuog&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c85f63301948a22597d1db3060cda8e4aab5ae1d8882962984f96945e6734400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame BD11 106 KB
38 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame BD11 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:56:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame BD11 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2671688122751363&bg=!ICOlI2fNAAZQLpa_UC47ACkAdvg8Whgf23RN0DA-oBHTstWy6h3WOTJYa9f-Iw3tLwlMQqRj-ztQRAIAAACQUgAAAMZoAQcKAKbmEyyJkQiEycenSD5fC91aRExJjs90pnMYyloxWlE1tmj5ZSB94hnglR8m2FWAvfoLxubaf9GTT_Zz3Ff-Cptfyie50AlITXur80F-b9zf9B8AY2pazOGIMpHIUys9TXPR4zTgg3mtmXyg7J2M2BsZ4mbhewW-6LaYEzZeXj5sekCESfHWF_fACYA-0ua9fm7AtRy8dnogvVeULCjFgaBVLPTfefk5mQJsoMJAEVZisHKXOPevcY2133W5raTsa4MfUIe0O3t1rRppv85fY8laS8h6_ts-3l6aMNBuQs4wAv60fpMhtTuDqxQKXJRRtmSC3zk28ca8UceJnt5CauZVBXfs5aI6_2pZRpNc2QdU1PyvoSqw5TJCJS_PggHEpkqamSwVdJnZIFAoAqAG7D1EAeXT5NdaD_GvjaWKzN4kGwKilxnJTqYUIHrWuPSAtXgLESZN5zcgEexC5LNHCTTTecbeHRy6N8Z0KmbC9Gd37lOpYWSnfIqLOEOy1ZCr6gk1o5vOnrUlTcA_ymrX_iUnROblUiSzoTvLeb8FP2-e-ZAC87y-1a3HNpi-MGz_WirW5LyEpfwx-nfBik8wGKg-TNy45FjDRgM3dED5xF9vHd65bNY-xAZairQiBFh42qmWZhOrmJLBiKeNHbxuzSbSzl2EmyO23H-1B700bywT-c84hRuSUakemCZbGtsnvAlyej6vgnLMoa1yWCZUmkA4Jt3-rl7LHbhNTEUHWvv6gKwG1hUhLmLrPyI34YYorLHkGUTlglgeQNAZ4ltNgWBstvfX6RFdtD43NvSXcth4_puat3dzNu9vPr7Ut10gZPViWn2ZbpZKVIcgDVAAL-3_dqRhZhPxRAN0y6nnd2Y1wkeMbBoHzkJVH9HN8R7ALkv8mRYFSHWUWQ_LoH1RT9pCtAcQNE68FnVgKCWKr3GD4gf4fdi-4636uDwswSLI1B_uQMbNcWBayX_WfWI2ukQIF5JVAI-LTmkQLXarboTMdvMYlDkfzRzvTqLmSkTeadIjC_jcI-M7WXXJLY1Ac-zHjqM8M4k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5A52
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

27ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYn-KUuwEwAQ&v=APEucNXA0vJglp_SG7PaRUL7ymdKQN44J55mKAPvImyd0wqt16cd3VKD8mW4bePneWQ7A_Nxp8io5wgsXOj3OQcNBdmExf_IMkVkia7oywAlqjELRuQ0cb87_JXO_tR2Awmg-RFYr0zpor5y0IY7s6dAsZa1WnxkhySSLBRq21VLz2YTJ2lRBPU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5A52
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYn-KUuwEwAQ&v=APEucNXA0vJglp_SG7PaRUL7ymdKQN44J55mKAPvImyd0wqt16cd3VKD8mW4bePneWQ7A_Nxp8io5wgsXOj3OQcNBdmExf_IMkVkia7oywAlqjELRuQ0cb87_JXO_tR2Awmg-RFYr0zpor5y0IY7s6dAsZa1WnxkhySSLBRq21VLz2YTJ2lRBPU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5A52
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

43 B
1004 B

18ms
18ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIYn-KUuwEwAQ&v=APEucNXA0vJglp_SG7PaRUL7ymdKQN44J55mKAPvImyd0wqt16cd3VKD8mW4bePneWQ7A_Nxp8io5wgsXOj3OQcNBdmExf_IMkVkia7oywAlqjELRuQ0cb87_JXO_tR2Awmg-RFYr0zpor5y0IY7s6dAsZa1WnxkhySSLBRq21VLz2YTJ2lRBPU

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bce60c01-bf9a-48b5-b850-020d40491fef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A52
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

170 B
188 B

41ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 080a0945-00fa-4001-9f09-aca4c7a48eba
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 7648 106 KB
37 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 7648 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:56:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 7648 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:09 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9314
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

24ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNU1018MTcNy7JHTx4iau9yUvGUJb0RDP8rT4XEOFUf_Jc6OPPJnkS3xMsupO6u0tOTGhFjkDa_eqjwG2vi5KjMBT1JqdvLBnD4JKwQ4AjLPKLkc4MO6gD15ppoKLqX1926OLyw-5odgEqKJ_WPxOo33IsX6vsRpb7YXhu7Yg240kzs8VFg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9314
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

17ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNU1018MTcNy7JHTx4iau9yUvGUJb0RDP8rT4XEOFUf_Jc6OPPJnkS3xMsupO6u0tOTGhFjkDa_eqjwG2vi5KjMBT1JqdvLBnD4JKwQ4AjLPKLkc4MO6gD15ppoKLqX1926OLyw-5odgEqKJ_WPxOo33IsX6vsRpb7YXhu7Yg240kzs8VFg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9314
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

43 B
1004 B

14ms
13ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYpsraqQEwAQ&v=APEucNU1018MTcNy7JHTx4iau9yUvGUJb0RDP8rT4XEOFUf_Jc6OPPJnkS3xMsupO6u0tOTGhFjkDa_eqjwG2vi5KjMBT1JqdvLBnD4JKwQ4AjLPKLkc4MO6gD15ppoKLqX1926OLyw-5odgEqKJ_WPxOo33IsX6vsRpb7YXhu7Yg240kzs8VFg

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: beb83a77-deed-4566-b015-9e9e23ea3698
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9314
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 81858e7b-7aac-4262-9020-44a2ae573285
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1895 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvywwHkQgMAkt3ryb3feRzOTZ3XTg3PjXcfe1Q8Jwet-XVVBJ0tIDq5kt3m5G7Lhe2iEKPqAAziYJrN_1UcJITOCe3UAV5ISVumDv2EcQXUJA8PYX3i4yD6CPB3a9rSePQVQ63bbGAaoiuiEZy4plVXuvrnDNnIk5Q1ftXtrETpNevlxmz0CmPvs8R5AovbpS_gm8z542bOI3tkicQWxhbMqd3V4EjZvMbgIwWvMolzHufgJe5YYBeL0fuFbgn1Pyv--qOqbdHGOE5yVFm2MUcX-_BgkOVCnIo9nf0cdTu4s2m1XzzuASH9vNs_EA&sai=AMfl-YTficV7DbATaj-tlKcKwVCKMQJHJ72zRkAst4pf366W5BzZQspRixpv7e5dbGIa6heQI0SCbYY_8l6h6ESdZV20VWvpxMG5JwtcVvbdhdILIibn5p0tcjXjK7a9TRrk&sig=Cg0ArKJSzMiNuD57NEjBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
DATA 200
OK truncated
/ Frame 1895 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e346270399ccbf082d591f7eb7b985390d864423c82774b996c4a88a677c9bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA97 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSW4q3EU-qUmWLeD76RyiDmJ-pulnuV_m3_ucZkVexHPe6PLbdJiuJd-XGuFSB4griqPq4WxWQikRZzoL75o3LnNgJAyLj0devhdr-5lI4YCvHSY2sh5YeBPL8wLRaQowijek34MoVMLt_d4enGbZvGN7zEqvPxo9hOUddZ2ktyRx5qMViKSgBFpULT1r0pSIHcs5ZPMO6sjAUX7kuU9XykZ2ur0hlky7BqyHfzjd5GEmiSfw8rXs2Shy8xiyYNj4JC1LCfqO8AY1gUBhE0QekjZ9BkXLZOeyduAgh7km8c-6z9FFkwkbfm_WLSw&sai=AMfl-YQjcE9gr5yTBZSYbW5NhSNKYu0ZBZrw3rQrACqWnMUGrIVKqrDurSv3JQqjwKtimxIdGCl07pkcYEJmBDZXqaAogKvj-N-tTubLMbpktUWkbabfFR0YdN43ps4GNo8&sig=Cg0ArKJSzDOJx5fLXz1xEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
DATA 200
OK truncated
/ Frame CA97 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fc8d1b983fc49854d710bd6626a38ca5a69c752158ffec957306ece255d3bc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6B07 624 B
299 B 20ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWyZ1F0WkK0FXyHidP_S54Vl4fBsKVKWoWGH4nX4wLdsrXsFng7z08Ejtsv4n2I8yB23SZ-msXKylKDSWUO4V08ptGccuFYDyt25iyJSEjhg1nCNT6RzYIAOHnDzU908c9LN2sloLxFoaLLpraEOr6lwbnzQ-vnmCs6PrRkYB49ODEATkQ

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Nov 2021 17:57:41 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C4D5 73 KB
30 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeuqEvKn3_K-Do_bEKs_Echk-r9Z0t7l-akY0tjYbHB8PkHk3jrwQn1Yl6HVfW06U5DFrZ29ksXjvYlS_Dq8Hg7d6k-4QNBr9PXxiGJCV1qjBbe8wIDeBkixk4fcBiu_WJZgCL2RBKcaYDqsNVl4M3Jwm_qw&dbm_d=AKAmf-ArJJ8MS8CTs0nTz3feaufhfjE1p2YZH4wOQ2HrHPA-n7MTyiq-vUX2pYlU6SUJeSyTgv7gMi3PLXXxnpOcpe5eU4fDV_EWEwG1_8HQZVsISuhrb1ZGPte36ShGW1VFEGEH4kiViMuFVbY276o6NDlpCUxaiVQRh4_wD82qkB0n0bpaE1B9XIBDCH_nHmr5IzIcsU8aE7PdK5Z_z4wibieY3MfhXnl2dKYYXqxNH2ksskzGucmGN_7Z-1MbPLmPNxrGTchjNbjpPvkhgLt-xnsB7Fi6TujhWDGjManVMbFxTmG1DO-EveUM5N_LmFfCTib9iHokGRMW-bOX4Maj16Olhw8ubxky3GX-A-WA-gVPLHCa1tPWco9YeYxez0kmJtg5Im1uPZneVzy-Zqhsvf41crqn302OL9RjevNB_p_wCOT99QY-rafjlGS0I_PcPLhMVrwjBIbyfJxHeZ7Pv4F-N_zpaJP7h_KVTLB67fFNiCkWc8Uwx3p5iKOtadebqhCx-1hLIYQDJXPXrie-infPFGwmuS294YOjbggEWR4_cHWb87Kv6pGay5I-_tL-Y26vTwSR7zD3Yzk28Oly_dLPjg16IykbkWyuhI4r1XK9g6vGE0wxc5kRVS4TgzPwo0Tp_cefyAGSL08lTGyqQPew2ipy_Zgpikf1LGO-MzqloOuSak4aw7_1lu0bkt89yVBKSLVz4x4eeiPkr2qA039F-RTY8g3BqSJdNOihJjQ1Dg2u9B2WVrePzJYvDdqpupdQd5-EU_Tj8O3eBSxnhZaTMN3UqkSK5JcY7DxEMioYQG45jxYe_2k6il3q_PXZ7uAQMPGA61EZLjt37pvBkBPT3hGma05dssUTxpUaNqLBPbMCDOwYATbujZrSIR3MLlOjYQFACh71y72kKMtUxzaKik2LiSIQ-J7R2RjKC3SK4rNO9HxcRSGH7MeVeHFygxVaI_Sn_a1G2FB6o-dxyA0w2t3loSZGI0UnAhHSs-mUhPsEcrHB-7vwQsOd-3qSKB7VgWQ-pJV4H11vRL_m03hR7wT9iJYSXD7Q1wEiM78_xs1gfm6_xKdjKo63T-L8vajMvNNbS0Rpy2EU46XJ22fWuOarM5QtvNoXaEjvouNY1Ftlb-_s4ywHNUaJv17b9sZCiqt9hL-difHWovEnMLGOWrcqeNbZp5QP3RwCuLYwQt8FfQiYgUGY3miWpmOXWFNnCq2GPixUchxFymwtCaVy5xxgZt2M-_R1Qf7uMVNlX10ocKCJySdoL8oyQmZIC1x1WNNEhjH37xMnqEaI9FHg_eVKdM4SpB3C71Zcv5eFg2KCjQ4f337Ul3FaNSmI8YMGV5WBJHRh8zyQRzBhZiYFasfvr2StLC-iULJfCqr2ozkrdj3w_xse2mexBrIkkQ3sSYy5zL15UeqqNPPK7mThqd2itOlkEyaEXMUVCrdpWRcLugTyH7eF1UzI_uGptnLmTl-aZeTCUR2gs7iu4ykWFZ8mJmgIC5eEg2ZcciuaRLAqYLwToNNFXjzpBmTeweLh7np-6TGCitDVW2gv5UrKda1iZ2TxtXYM5QfdQYiHuuUlXsC40Pq0YLWOvywBL1FziO71jCTuRttzjFUrSk9b100wTdRvLRFR-xf4x4i1nJJHGUe8KNnP6rNgpLuCnlNetHhWxUbzZTgwEWYnJ_aqOtYskIx9DDMdF_f5CNMn5_B9y5vzJyX5TUsdVAqZwt_UyJi7z1vAe8yF6192eV07b0G6OmUDuuQOfMCWxOnTCy6-Oe7Ah2XKtaKuenENMBu6Efev1jojTlYCF4zug-skACgovxT6Tegg3fxmHMiUkByR277ou20lJ792E0y-IcUS3udZr-jtbP_oHW9V5EKQ-IR-lANN1uqErwJtlcFLw8h9MiXK1i7f55CIpwIZzmSfNxsbDT5IYWwOPGdBngqTMSvimVoAbebKbL6nfKk0PaL7acHiBC3gR_yA_lRejPskYeFI0sRDUe7-FqwekvU4M-SnXcjuV2PTOrzwDm5EPsQFRUeCoWpfADybZFY4S_OXZxd7bd0UPKYRSaZ_YkfF-KtgyKtEz77D4pXFNmqts0oeU6yJ7h_6R6wQYNcjcPaO6VviWkAiUBjQx-Cbh7tsPEbr83QWF7IQU1I63iKoCgf8_1gjhET4cZCqQCWLkkox6NwxIeN8f5JgW6TwGArmZl8EVuk7qlWmMnIZ9KHhoYiBmKQacjBtymQtNrto7I3vTES89GuQ2wuyIhoP0Q47We1wpzeHgdw04h_OfN09eLmgNe-PtiYoNvtbL2h2F9lvkHS1p75N4w0gfMMN1Eosbr6W0oU3nqAzU66ktpGZkKNSe3No6dLa7VhY2Pexo5BWWpxKJZb2jyfakZrxuTc0FIj7mr9FAgUcU6gyLPhTP1OUq1mWzSCnJuQnDOuo45rV6KyUI_qMhH56dpcUfO7dbsGc_y7RRWCLg__tobiqx-OXl8sxdHEHU4SJ36GBtaLiFWeZdrlcm56_mKz_JlvqDuzLf7YR1NfHe6r6cNuJPqsyy4DPBENju6U34EXsLHaAb7geRorlr4hIkEy7sXooo6HQ-WgnN-JTyOh4g6ugEUEHb2lCyvSeqgMWQ3xrUCqj-DYAhV2mgsnG9hIDxUJm0tdJ4z6muL6m9T2foKexshZTAndlVC59UYAEcN_F50a3w9IJgmCsdqhkk0NQDryXdZ87Bo3kqC_59tq4spcsr5HDD_XqfvlGWeKf41rX3W7fln9sdo9VZiRVQkAXXzcM9lISVuidrF_8icZdkqHLJXqx0CjcOBgsXzkRflEKxad8rCDsky5ifTBcNAcB_VqwgOuKkbPmcJrJQnot_lahz560r3eYaBb17waOJrfOfz5Uuz3byIKk4wbIkB5hviAdws97OvAruRk58jB_UlKGRjm9f-B3cuLLx7ArkLUvT2SOTqrAPcyQCLJG381LFmzcvsrapW90Sauam8seXVqJ5K3A3t5Whyt0FrNT-vJr9yO8WaAjRn0pt8KucSM9Sbh-Q00OqtWX4by-VPgWCq6_BRFYWuyvfgdh6z7PflkoCyg_ahnIweeCWgEg8LnpSNEo3rr0BRSgIZmRw7Af2ToBoxElUtk_VOyhos7z94PCycvceDujREH2C6GjQLHTCj_Fv9fhy3vQbHIOIBF3u847jIM9JZYK9yT57yiKxZC9cuQigb5cWdCANBXVXttoYdpQJ2XrQ4XosSKv4oVRn4O80A9jQTpzkVZLB35WJVdNFwrOD5Ge&cid=CAASFeRotI4tJnuLwm6UX84l9t2xef5cVA&rfl=1%2Chttps%253A%252F%252Fwinkgo.com%252F%240

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21058f112746e4377b9de51eac84b90cf39cd87a98baf4c4720feaa6ac148bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4D5 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BA6MySPfE4ZlkBaFHLksHlw35_HwB54bIvSxUZjZaO4akg9gfwB4DE1Soh_YMlk5CT2Gbr9FczWTCiRhPIJ5LD1YBhCECzY5ZbRy2yMq4BrcD2gZA

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame C4D5 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4D5 119 KB
36 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame C4D5 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C4D5 0
0 16ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDGiwPBnYfvXxypQKUd48W8ybTUIvUyr0y-Ye1D8n56WSs56haMQ0ylc91VM1-j-Syc6QbiPwxDXxCXcGPnx50kfw5zA
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame C4D5 68 B
345 B 12ms
12ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fl6v4g7p&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDYwMjgzODkzL0hGOTZKTS9IRjk2Sk0tRERSLkQiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTFhNDZmZGMyLWE0MjMtNDlhZC1iNmMwLWZiY2IyMjRmZGRiOSJ9fQ%3D%3D&sb=undefined&cb=2480176&h=winkgo.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5928564145108410083/ Frame 0B14 11 KB
3 KB 23ms
8ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27a1ae63debbb1d821a3d93f3a110553b7a7714ebd272dc6e8915b3a9f4ab3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3309
date: Fri, 19 Nov 2021 22:38:55 GMT
expires: Sat, 19 Nov 2022 22:38:55 GMT
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 328726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD11 0
61 B 99ms
55ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxtpdk66w9acXzHR7nDLxKBEtH5iNK0VH60-uxPARBI7iRpY6-dJY7jO6rSf7bgY30rMNbSobKFNsA9tk8dq_srIEtR8ES8mS9VAB59VkTOokUAdOvbb4o4uhfNtiE7gfElYDhcc6usWuMhcVqXNMd2_DqH6PQzf7EEh2STK3hbJuWdASjVxu6pLmcbpoi4g3wJ8FQRmjWMQp5RjkIBv6h12s3Zlq_y9dtPlbMktVC6YzR36rYjkaCCaqSo6opZGw4fmKd-g20CUGFWXkJZOd06bzTjDK_IDPDxIfNQ8SH28G63GkPyMH5jPqYQUNyTxTeknKUb8zwXNF6aUQvf_e_oIXk-I5djOtzrWw_EbNEH8XXmvnSCD8g3XscmI3CLeEBNuZ1actftVzcG1Fm86PT3izSFtf1266J8qlr5nK1h7-8hXkYYtezRjJ-1Ur9rsWmNXtP8jbAOJURem629V9IGIpN71AYkOjNFWa4ulJ16JrOfQD48qli8zJnvlznxsFBpzPIHpksvveRXYenbBFN-7_eVYgp_LKqITaahkcGYlY0KI6jVi6y5nGEYPo6JxmqC8aqd3-qvyGYLbNitaR06NgB13DXOcmCFiL1byFVJ-QDRUFslvN02jI0y_gY5Dw0bXxEvOu27GcSpHpya8c-tqxD56SkEGCWp-BvhMoApsC0biD8y_BB1I7mX8_T2dFGKiGBB91KSsJY7GUAYbarYUTHbEHe8q5JUv-9VlYazh3uJ3Ye_7ZprEIFI18Gb9GciPzlK8EJGeUfNf73BMvBqcgsWYMckh5hEFrP-RWVzzxR1Q4KX0tPDDFXcgNcnpTlCFFLLNLDNKr7d7nJpwX1mQGywgTK1RIuRazPJAYHsOlcA_YTq5e3NV64Yvbq9HPT6qNk74W-pjPtgFq84KPnXkHlwh2f3je9or6fFBfmz5FyR6ZpGd0OuDdZzRYbnnAVKNZYmx_EN5P0dh4miXwSdoBs2aMlOndZtywrn3FySuGztn6AWsIDeYLHaSIpf7XomIVdo5WOGbeo-At9Ss_3ZfZYV7Zabr9TQr59J5GAF9VRk650dXzVLNEjN3RiTIH4hBQWG49ScaDoElAlwD9BTsh_77PV8mNwd_2OV1fAxL_5UGeJeRuczQBtx5FrlJPfB-f2T4G0F-GW30tSJe5vyk0Wz-d50Hv6eAfEODJFx2VtrfN3s9t-dA&sai=AMfl-YROXwM5mJHQ7QoAWvM29Q9gyMNgLbxBvP4iliItua9FsjOhoxdSaG6UNLHBJ_76tXreYND0MUSR_KkO445tR9c5JfI3uD1ej2zE4OXI5uu_EX6D66UHTUNUwIGY3XkduxlKT-dWfLiucmU5e6kJBhYJzglnKJsISEySpsc&sig=Cg0ArKJSzL-WRJyn-VZaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=197&cisv=r20211111.37569&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 23 Nov 2021 17:57:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2463664828330245935/ Frame 2BE5 6 KB
2 KB 8ms
8ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/index.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90dd4a23d14e1918989fe6c949dc2ae07193043a7d97dcbf55b97cff3a8026a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2168
date: Wed, 17 Nov 2021 15:40:04 GMT
expires: Thu, 17 Nov 2022 15:40:04 GMT
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 526657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7648 0
571 B 77ms
51ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7WkUv--z5Vx4RZcg2o4gvL3vrJDtE74MZnTbWErD-aWNLl3t-yGTESUl4P-lvPmU1fUbwNBuoL_pVyGSR_zuS5Dumf0t0mf_lpVZhEw8l5UW-Qp93-0_tRdPkN9ZeRcw-quUIJ-LtrXQjchpiNHxC6zK_XGigXL5lTyZZy9yjXBORhF_4ITKL9PywjTiyCMs-i41oky07rrMBf21ZXEiiHpgs3cuGKwmsfXcl9iz_vTOPCy5SK8KRV5kcDQbhlbWdruz982L-V0u4xaW4yUzeECmFtpMJIQuHDnmjoF5vw0ScKSJELyePM_-9xZCo3rHO_dmx4tZv58vST6Hww6L4V0zQRFFzWazJ3ty2nvu0fhmkRdsRo8FmwX-e0Fqh_ckAXvaaYc5JXRYhjmP7up2v4PgrgZnnMVqiZMY6mOD0F8RSGilXmORv-7mk7PovFF_hDpuYyRHFeoze0J115qzBqudVVYg7NUalnHYXwkF8ZtVpy7beXFPRczQGDyu2oirEv9CDPbNOZi0DL1eUbx39lkPKIL-U6pK-32Fxt_QIYnwZM4eOS4CsddT8PC5JPg3AzNuqjB7X6A9oZrYjmaIBJ0HUlLmsBlqtwfenD0BsXM5FArb204Wg147Moq8xvzWK_3C7y3fUtC4ZgLBNLXAmckF5vpsWe8cy8BbNaqrv7Dfktwd9JToyFQmWPGkJ8hyqt5NhGJE-N_SsnjNQ5asvr6sVgBu02575mgzPlPfYxLXrqoBx1gDWm0kF1lbH6Vu5CpN_qVd5-Ko7TB5LijNt3651RpKyxcmS5g5mH4Groip0CmTyPPhCgtkNySyNYnCF8h4cLqUJL8Dfwqf-XsBhne5_2dfBOMCrGBIU6WOLe6-V9tjFiStHVXhaMWrqjKMHdFGLfum9lqtN2RtPZ-cUMU4DPa-Yx3mWOA8Av8i77IxSqiBZGPi4Qi9Bph79G78iBA7EXAYnlTiknO7dAI7bwlytbwcq3zpms9ALtiLEV8l2rLhzeeVS0O8fDvrL7rPNCzqSxmFWvfBetRqroQT7BqkulK87RxF-uZ1TXc3dxHyZfEf10Bh6RuV088loyAq7XkoQe3Kh0iuQCJMBXdVlvEqRxosZkWT3DZfkV5OS6q0UTLMoMnZrmXiIjGd2Zfd2cyixO19DQOhEh8Mhg6MnJnLvEd03E5WwhYwbvVw8aq5uUNPF68gfdA4BCOwx3tLl5bVEGA&sai=AMfl-YQZhU0zYbZVChFlUJDRfgWjNaEFH2g1wZD2hZ94CtTemzXocg7lf0WwRBIFuzwKTweyXS7Xx4AmuVhBjEqrFLQ2vASvzGb-JYdGYZm0B5Wlm6-cSPbzuA_9VzYYjkxWVYHmvSjQpsPnQMIHiEll9iJHYsQjYMiEy7Vzt7o&sig=Cg0ArKJSzPiz9c--Q5-UEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&cbvp=1&cstd=152&cisv=r20211111.07116&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 23 Nov 2021 17:57:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BD11 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
DATA 200
OK truncated
/ Frame BD11 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65ea26cf6efe8765ecda2277fb0227b7f7b7d0396f1082c5316050ec05434b33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 384A 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 17:57:40 GMT
expires: Wed, 23 Nov 2022 17:57:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 8ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-167199e8-4d87-41db-a36f-057bf8ffae85&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22HF96JM-DDT.C%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761245653%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1555
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6B07
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWyZ1F0WkK0FXyHidP_S54Vl4fBsKVKWoWGH4nX4wLdsrXsFng7z08Ejtsv4n2I8yB23SZ-msXKylKDSWUO4V08ptGccuFYDyt25iyJSEjhg1nCNT6RzYIAOHnDzU908c9LN2sloLxFoaLLpraEOr6lwbnzQ-vnmCs6PrRkYB49ODEATkQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6B07
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
1014 B

17ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWyZ1F0WkK0FXyHidP_S54Vl4fBsKVKWoWGH4nX4wLdsrXsFng7z08Ejtsv4n2I8yB23SZ-msXKylKDSWUO4V08ptGccuFYDyt25iyJSEjhg1nCNT6RzYIAOHnDzU908c9LN2sloLxFoaLLpraEOr6lwbnzQ-vnmCs6PrRkYB49ODEATkQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6B07
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

43 B
1004 B

16ms
15ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWyZ1F0WkK0FXyHidP_S54Vl4fBsKVKWoWGH4nX4wLdsrXsFng7z08Ejtsv4n2I8yB23SZ-msXKylKDSWUO4V08ptGccuFYDyt25iyJSEjhg1nCNT6RzYIAOHnDzU908c9LN2sloLxFoaLLpraEOr6lwbnzQ-vnmCs6PrRkYB49ODEATkQ

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9b953028-d179-4875-b172-b184d6c0c0c6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B07
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:41 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c8a84adf-5520-4d9d-ad6c-1aed4055f01f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7648 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
DATA 200
OK truncated
/ Frame 7648 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf2251a19e25b9fef01ba8af99ce0787fb6fb33939d7e4db1bb7235b85894979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C4D5 106 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Nov 2021 11:07:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame C4D5 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:56:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame C4D5 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:09 GMT

GET
H3 200 container.html Show response
7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FD1 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 17:57:40 GMT
expires: Wed, 23 Nov 2022 17:57:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 8ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-2c4a27b7-b7ba-413d-bf53-82ee89a82e94&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.20%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22HF96JM-DDA.B%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761663483%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1555
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 19 KB
19 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64f2e67a1e120bcd4735ed1203d3e012b843ef3aa37516662280a57b4e7bac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19223
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 19 KB
19 KB 10ms
9ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e5bab297c52a21f0c9c28fbc3e1cc3ddb674c2502924fe77a980fd31fee8bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19056
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 18 KB
18 KB 12ms
10ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4302d9a77ffe90d862721eb5749bc1b858d964f0a9aeac1ab6bf4cd07775d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18477
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 img-motif-2.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 32 KB
32 KB 12ms
10ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/img-motif-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

147d53c57e0e6f608761dc4a643878368988f8318bd8ac4613c24582cd2139bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32848
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 4 KB
4 KB 15ms
14ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

762514fce5a6e5d69777edc3258bf2c3c6a4c03840a0f88f1fda40859d61ec39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d65df0c2fc60fabbd9b67286a364327c72784f459b2f5fc288409d9a27a372a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3330
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 4 KB
4 KB 14ms
12ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19a322a6ce7f67fbeafc4643d7a82d74329ad1bfc65ce20b09bd13a8fb4ce93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4041
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 5 KB
5 KB 13ms
12ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bb07bfdbb9c8e4f74d67bf241759d4a3b6972513b5818da576106c8e870e62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5325
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 7 KB
7 KB 12ms
11ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e18b8bf2e860ed51dc54b018aed97602eb99d06a13752d4382f6a501cfba23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6836
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 95 B
122 B 14ms
13ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a0fb2b43c3b4273b37b381dde95ff67fafffc136f9a4a36c48188c30989df47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0B14 113 KB
38 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 17:57:42 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/5928564145108410083/assets/ Frame 0B14 2 KB
1 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5928564145108410083/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5928564145108410083/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328727
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Nov 2022 22:38:55 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2BE5 236 KB
63 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 17:57:42 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/2463664828330245935/ Frame 2BE5 82 KB
14 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55846fce19564c9ed6190bdd783d7636d881dde607db70cbfc8a55afeee9e12b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14798
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 11:04:56 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A8AB 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 364948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A78 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 364948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 921C 624 B
297 B 23ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGK6S9bABMAE&v=APEucNVWaovU8Vl44aRK3_8kH0vOJZh7cEc9D5XN1I_hyls8OUhBv7NzWtJQuOeY3KynszUikGex-_wwYe2cpAqDNtmfnR_cZjgE_uxCMVH5i0FmkuW1AskM472k4tpI3GgJWuHGgAsofbHR2tJKShj5PAcDShFDhydGquU8RHLO3Uk93v2ftks

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Nov 2021 17:57:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 384A 13 KB
9 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpDKSIOTZ5EVguS4giJJvD4duNXpMR5iN1jL4y1rb89iwVxmq9XsKfHq1dhELy5Na6ET4ao5BtKSdI8S7cDhEkaZEcgNd96--BE59bmFsWV_3UgWGeB46DnD9XFDWAJx1TqPd2XUUbPx8ZiPvI7qgxQ-RYRA&dbm_d=AKAmf-BbE2plS1gBQ2jVr2zDnPtUxETiyo1jjcSYOXQRxbQ5njetEMeaOVcjwuT5cQ8m_mSaqXEqatcGsOGvkUa-lt6sMSxpy4uAJdWHxpAFtNa3_ugw2ltwG57JiOqgstJgZ6XBpkr5k-FiSgpWKs54yGfBVTsAW1VcqDuSviovg3eomBuF-jaRnWmbXY2sP0OcKxUVvD347sAR95v1i57rH3BTfyVK2hsf3-7Bfth9Ib3RRAJ8FWC3ZdPD033HYqIwdWbR1bkJKB4Oq-c6sxGiLIBBTAFdEmOnTZtx5ACcQg1pkNGcduIyRA5fmB5siNn3oxr1N3GOyJHN1-TRupqqQOXlb8DHB0-Mv397UdY_5SeISbbMbn0pulB0A9BigEH0tdjnoCDIEc4cdr0aSmh88NyVfpEWSD6ozaEAhMFL3y8gcDZSRbhHvbtOTCkbMZru0oWIeFdHTx54AHe5yzooVZ1QJ8iewwoUzHrMKXQA_Ho-G7AZotBZoUFG6A0T3yYWlO9rghu0WfimxDyfzxlTdpT7asdjFqoxa-Y4wLnY8fIebTw9xmQT9ahushZq8nBLMIWxEuvliflXWNWi5-c0b2ioJUkn26HAhIZJ2K_LtsGfx8NQ18LoVZ3lviB7ZqD5vQE2CyZiysQx5kiui_uaSZfaCjBbceU08YTSVrmxFxabpNXXxBfBbWDcODLRN_FQLsV13mSxTf9F81S0GqYUIo8_BMcE1_3LSVcMSJ1koMc6GfZztis4UpolqLoHArayR9swkXsbtbhDxp1EF_8oqQHXbJJGgI4w0Ll3RMgHB7bm-JbiOzpW1f7V_BLgXve3hGTjQkazCZxSuAcbiYBpAJ_v1WDSgAuvwHl8n9GEe4jMfyIawNVhUqUrDbVr44m-6bJ6jEpu3QSvd3aYhhfA1zx_kJH7zqfAue_4B5_FHP7qopt4ODPTu7GBq2UDaJAIWY7jxYoYnlCByzMjubDBLQJiAGEaFFpSHD3s8EfEmcr6sg-O8z3QqZjLcW7sSiZgGCvJbMDuNe07cOrYgmQqA9n5imKJAsWmMUlZTUJ1wrAQ4pbgFqJ4eiPYHAfEPDnWcGxd2dCGaEtDT86bLG0mUHni_KvhO0qWEoDDMbkp73Sok7ItPg9N97LKQOgj0Q-wa5kgK482EKZ0uigwZqVqHXJ4iTa9sGYHnhYiKUVs5tIKg3W8do3ttxN2PC74gZHy19EpmkrhiZcQw3JPqbz3omm4cFckghWW2BF7NeTmlDtZ2dOvlPJ5kKViML5qwPeqxRlA0pyjj2chtjm8Z9CQRpo3i7yR0SiU852REO1G7XHawu-mBb5DMiVmd3dr2p9Wu71taayXazyVgf0tm7uUWuPjP8WNTvAKWkJ62Js3_eOWvTIDyg-veduUyDSVhcy9It1JqtxVEUZ9moEAbROAKMpPKXixcIeewhoZllzwC-FNce-mHl4pWUusZz68c7fnRMru8VehtTJ6h_sFnf1MSHA1PvHiuAy0HtC58QiJZ5XoKUfmNP0XXvPYMQD0Lq3FOGGSXAtnO7rziG6KcAGMmJyJd1Ej0NhtMigqL9vVpZCwZ29rO941IQzdNMi78O_hw5_2_qeQIDGffMmTMe83cdQmKxaeda4Q1kxjDbOwwnclOOkUeOzcH4_ZiERnD0Q_T_R0VcQmx1KdWi-GY6CTJVB4E7XA21OHYh1wxthkF9CuW_bkHXkxcfZe7iiwBT_-Nh6PaeF0_n0Hr2-rmsWRghuM4n130iPqwlP1z31-UckjAkFe3_MeffcXqo41RnCrojAUv0kygHSy80Nok-rONQSZ0NvVnjGVZWlPM8v_LqGzx5_dIADaKzb0e449OU3co7ZhUheMs14BXf89E4s-fIYp4pqKveRT2KcM5jICDNv2ssdI_sHBU71PnoKMWZbbYdc2VjpnCrkwpADY2Er2bSrpMIh-vBFTvlI3FuFriyBJdoBsEHGltNRM2nJjs2_4go1nA51k-kUm2CcIlNe5fhkoEsRmVCXeashwxDDiuXC-8NRqgSWhK_h68VD24IOnrgSCGZdUHn1689RMa5qp2qwYNUZzwSn_jka4iZk9CeM8uQevQCF-iluGdwCU5Vjw3ATeO_U_Ft3snr-t9GlVX-W0iV661PsYFO4jNpSNGKbcc6ld1u0E7UPLO65uRCn_mWsJ5jl8sen5LfGGZZvyRyYopInq0yDXhlCGxO2b6tkIN7wWeo9F6_gxfTvqFcEegqS290FCJOy1ha1tkTP-zbBbrkLYUIgM4aBxMv1790bCX8WpQuzP_n5byqgIznk7xzzrDDxydr54_3PqFbKMaSZDM1l8gElkLY8hup6rhA_glcWgX-URMGvEMPSUrJik1sORb4TAFesmxOGmh3RsIiReJKDY2SELTOzZ-ehuehwiqJWpfBGys54y-I7IcJ2CWwEDMKW1wzK3_o2FqW0KHkuA-klRzPnAlEbHJFn2Zj7QCrJCTUWyq1qshVei_tKkunvSvHpOAjz38ipXANylCGnnr0zM-BmmMZ558MxoyWeYdpmNxZfcO4acJNVngpIUc6sPhPbI598QMo9vwVvwHH4N-OmLQpzPDhGAMNGRnvng8u4PJr2C_DbBNUc9L3bLg2e0-B3s3mWD_4QcVCEgPLzt-xneEAUxZDjhwNzkgj0TJRRH-YxNv3O08fOyZ8hpcAJXmhxZocz4SRxl33VNQOZrW-Ilgw&cid=CAASEuRo6Lx8kkUaIj7x0GopX5t9Ww&rfl=1%2Chttps%253A%252F%252Fwinkgo.com%252F%240

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0242fe8467646c0395ec20d19a483047a2ccbb7a84af642a5f1f4c9c182d365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9643
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 384A 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLrNZiodwZBUJVaNGEPnnZU_HetRuBvqhiGtVhCxWBXsON9hEbuZqG7AwH4wgaV4VeWj2BG7QAel3P4EzkQl9Ey57h0vMHhyo7h7wAY-fzFpElP9Q

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 384A 2 KB
1 KB 63ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3758893&cmp=26194978&plc=309762279&sid=5775970&dvregion=0&unit=300x600
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 17:57:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:12 GMT
Server: Microsoft-IIS/10.0
ETag: "e066f48b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1168

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 384A 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 384A 15 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 384A 0
0 19ms
18ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoPiuM5VNByov5qZhrmrbegDH0lyX4ludvlv1fbUsdu6JxvV35DRdUqei6o_efK46fdwF0Hhg0J-rmIYs3lcVnEjyCNg
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 384A 119 KB
36 KB 236ms
234ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:42 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 384A 68 B
345 B 13ms
12ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31fl6v4ghs&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDYwMjgzODkzL0hGOTZKTS9IRjk2Sk0tRERULkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTE2NzE5OWU4LTRkODctNDFkYi1hMzZmLTA1N2JmOGZmYWU4NSJ9fQ%3D%3D&sb=undefined&cb=5554979&h=winkgo.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12403946963978149558/ Frame DDB2 11 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc01323987c050dd4e410f0cc5c845502df1eaa1198f40ba5ffe1a36fa5ae52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3332
date: Thu, 18 Nov 2021 15:48:09 GMT
expires: Fri, 18 Nov 2022 15:48:09 GMT
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 439773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C4D5 0
24 B 66ms
51ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfQBJk8dzSSLVLmkDEVkWtCuOPFNKUxl9Lvjwqq6ka9h45SSc-CP7yKaweQE4pnVMZ05_Wu35OgTSe8ujCDcDiWaNnOCfEV_bXa86egYVmNJfAQI74fdQA1wfcMMq4OPzmSiZLfYusAJM8nX0QqKgklFZm3gShqFYg-e3M7JDQj2DBnASW6CIB-yzdzsF5EQfJfIziaA3WJ_11j4hF2Js_CKpiH3KzkzTIjtK1TooubmcdJpTbdh6VaR8sMJqM1sLTeSXma_whOcG4z_v0Hxaa1ZoME8FvxOpV3k3J0L4v931FAqQwZ8-UmkVSEJbxBW9PH7ZlL2tZn_FRYVAYS_R-pYZVTL968QcWSgVVdhNnE_NuiawhpNb1vYcZuL7EgQIo0t3EZduOj-2Vt7IbKAbo_38SEHOYvRUUcjU70Rz9oqQv-9w2RyZavbtHjMFyUnUyQLR03b8mFD8zTHTypXKJTqChXRUMfFlLDN_8bgTpQRkSSYWN7pP_f6LD2wJGPGP7n9iGaEuEaTl0SWEP8ofBh0UkU_5ptKdUhaCYqMLB0az_HDijTOJ6wgu6T5RTgpSl5eHi2t8-0Rg5gBfy8RqvFU9tEepAf4gux9hbfR90qJelIpniTEphoqTZGoaGo9M915kZ-ad3TWEEb19GmA5-rFRR7zQU3Remb-0osyN4YOms8tAxuHwCqjfXJFWm4MfxN_mBqB0PutPTsrd7C3zOOfkZJ-qNYFNMc9vr-TLdy5pUSfGj8Zt3LABr5L69SyjuuXlCZvMvnE8dqtg5S6TSelMO_Fl-ytsftFCxocpOpF9ghDUEvIkEzavBKvGXMrGuqBLcLeL0pfNWYVJeXmzB407P5RcLlVxzuRbP6nx23yoVZ-WVfdZPYBC0M8vbg36KvopnQOMaxEbKNbI8ALZjJxia5_gQr9RIWfv3MpmYn3DKTSDgNhLpewZpU9T5lzF_Uhrkzu5hL9AGcl6c-Rg1e9hvCxx42u3RW3H7eHMqlZriinJh8p_dEAMq4cjsL3uhi0o54-330c-H2BBhhj1pK0Cx6SlznvK_2TZXz7j8y5ryTp4Imk_Eaha4ush_cWAWIO9aFRZrBDv1J6fCdXifT2k_7BRXnqtYfDbj6ww1ujcA4uezLHwuTR8YqVSrygSttVx8T6zy5AcpZHFH1KzmmcbI8uMgCeLEXRipFQ-Ri49vKTJ5h5F8h13A3LA&sai=AMfl-YQYEC1-vaStnedAdVRgKDpIjfYqDOKd4qEKfsCJ8Vk_44vJyyLGvc87wZFJxbuwqM-pylsdrYeZ35M24kgVIe7Wq0MpZjV-q-MdQayudx6t5R6-b8_QSzlrvQ7y4gXODQeIWqoBjVx4MdsUh9kH-3EC_DmYAaP1VIgDhRM&sig=Cg0ArKJSzFlfZhqDPebREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&cbvp=1&cstd=147&cisv=r20211111.03464&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 23 Nov 2021 17:57:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 btn_300x600.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/btn_300x600.png?1636459361941

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc45aa9165866407a8bc0b6b55b150c9b340398ae56e0a74008fcb35a1812b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:45:59 GMT
x-content-type-options: nosniff
age: 526303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3319
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 15:45:59 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7648 0
23 B 43ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7WkUv--z5Vx4RZcg2o4gvL3vrJDtE74MZnTbWErD-aWNLl3t-yGTESUl4P-lvPmU1fUbwNBuoL_pVyGSR_zuS5Dumf0t0mf_lpVZhEw8l5UW-Qp93-0_tRdPkN9ZeRcw-quUIJ-LtrXQjchpiNHxC6zK_XGigXL5lTyZZy9yjXBORhF_4ITKL9PywjTiyCMs-i41oky07rrMBf21ZXEiiHpgs3cuGKwmsfXcl9iz_vTOPCy5SK8KRV5kcDQbhlbWdruz982L-V0u4xaW4yUzeECmFtpMJIQuHDnmjoF5vw0ScKSJELyePM_-9xZCo3rHO_dmx4tZv58vST6Hww6L4V0zQRFFzWazJ3ty2nvu0fhmkRdsRo8FmwX-e0Fqh_ckAXvaaYc5JXRYhjmP7up2v4PgrgZnnMVqiZMY6mOD0F8RSGilXmORv-7mk7PovFF_hDpuYyRHFeoze0J115qzBqudVVYg7NUalnHYXwkF8ZtVpy7beXFPRczQGDyu2oirEv9CDPbNOZi0DL1eUbx39lkPKIL-U6pK-32Fxt_QIYnwZM4eOS4CsddT8PC5JPg3AzNuqjB7X6A9oZrYjmaIBJ0HUlLmsBlqtwfenD0BsXM5FArb204Wg147Moq8xvzWK_3C7y3fUtC4ZgLBNLXAmckF5vpsWe8cy8BbNaqrv7Dfktwd9JToyFQmWPGkJ8hyqt5NhGJE-N_SsnjNQ5asvr6sVgBu02575mgzPlPfYxLXrqoBx1gDWm0kF1lbH6Vu5CpN_qVd5-Ko7TB5LijNt3651RpKyxcmS5g5mH4Groip0CmTyPPhCgtkNySyNYnCF8h4cLqUJL8Dfwqf-XsBhne5_2dfBOMCrGBIU6WOLe6-V9tjFiStHVXhaMWrqjKMHdFGLfum9lqtN2RtPZ-cUMU4DPa-Yx3mWOA8Av8i77IxSqiBZGPi4Qi9Bph79G78iBA7EXAYnlTiknO7dAI7bwlytbwcq3zpms9ALtiLEV8l2rLhzeeVS0O8fDvrL7rPNCzqSxmFWvfBetRqroQT7BqkulK87RxF-uZ1TXc3dxHyZfEf10Bh6RuV088loyAq7XkoQe3Kh0iuQCJMBXdVlvEqRxosZkWT3DZfkV5OS6q0UTLMoMnZrmXiIjGd2Zfd2cyixO19DQOhEh8Mhg6MnJnLvEd03E5WwhYwbvVw8aq5uUNPF68gfdA4BCOwx3tLl5bVEGA&sai=AMfl-YQZhU0zYbZVChFlUJDRfgWjNaEFH2g1wZD2hZ94CtTemzXocg7lf0WwRBIFuzwKTweyXS7Xx4AmuVhBjEqrFLQ2vASvzGb-JYdGYZm0B5Wlm6-cSPbzuA_9VzYYjkxWVYHmvSjQpsPnQMIHiEll9iJHYsQjYMiEy7Vzt7o&sig=Cg0ArKJSzPiz9c--Q5-UEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=500&vt=11&dtpt=347&dett=3&cstd=152&cisv=r20211111.07116&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 423F 624 B
297 B 18ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_BxgEQq7SEAhjOq5W7ATAB&v=APEucNU6IvFjXPTzSMaeRo9_v5jmPCrG2X6_KvO2J8GzdzpxLn6SiU0hxjAl2__dsUHpgGiXpwMxR9OuOrMBY9O5ncYHDTJeA_sNvzVM8hGfOwSs-ZWbzHyC8hSiimWmjcNzvTD15z6RLoiK_A1DCYMwwnLE6WF32CkkHPTfrNLXflLqDUpJLTw

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Nov 2021 17:57:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8FD1 55 KB
27 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAVeEEwY5NpawxvZTvtZfoZgtkmXV--hY1-NUcs4Wyiy6lY6IFX4pY0nIgjKCBgwKkxzeBFHv9XL-wG8plzJKesYHS4xJdlZ-c5Z-dIklCwIM7Qy9-lE9H168zJ6_NPT8TUC0-FWUpE3R_4_GmfArDOGAvww&dbm_d=AKAmf-CBgsjO0usFM6TNSzoSBX6A2la4qWOFY97OxSFKpuCfOzRY0-nLUE7pjS1l9JNwl8aLY68eyaXHA6AfO_qLZeKWt7VyKW-6YVCSkbLfKFaNozQrImTVZtFduwwgiv-P4_uT1iJF0qQcoWyR5SyTziwe3khrX86j6IXNvKL70Rb-an1f7VmIyY3pAYIZ6azoGKgYZ0Jfmb_I_A50wM_MSpzi3LgWR8bVArXROdKyKiZgvBTs4Z5xHKVCiRYA96uqbWffM7xreeRa_5FpE1ckPGpYgM2bfCRwMZ5J9q8JwCDfeqcMqAUasAdhyWo-MHDJK8P-EIeXyA7abRfH9mZ1Jxeqx44-llpyjY6F1AVRkcXMZSM2fPLAt3LOkKw032HDSWeKw02wAlxhgY8I8okbRfhgdO7OfgpdI7QaKaEP8vz_FVTWLQ3_L-iWf2PrcKbD8pRuasYlzNDQXtJYbvh9_Ya8-4u7ATPEnTBL4bP1NQoXG1Ny44rTuSi44iT0C8GHF1Ugh8cwI-vanE_AkVwYoBgyhY1Ln6bv6ZvuSPZhOla4qEu-esXWfzm9QTRazf737gql1f98en7L7ChpOs1q-4-o3qMnS_8j1uG8NIE9IUl29L36noz152QQRFKCNLFOhC3d4RkTxqtUEYij1V9_do-V1dEgjVWetoTEOfYslcreN4tB3XNjo7S-w9zuceFstNkzNs7dfs_5IaSY_L-nxZj8LWZ7JWhz_e-RJDecs8I0hj_X4FVRlb9YPPd1hEtCUw1qtXMzeMm6s0Np2p6PsNTWSRYF1wXZxzooyAN16RckvyK97DbG0xo0wWzZGitQWpDbtwsBwXoQG0StD27wCHw1gl3kPIGdha45qlEruri_bMyexHZaCXrBywRNe1sPB6KTp1NmESr2-7enekk1zdtVAzG7_wjqLmSU1qJsNHpjcXY7WiHz61UbbACzD24d-nxwYJERG18a0sZqBq86UImvogY89GYSoU7kE-Slry-Hye6iI3lapMpNfzUU4TXAd-oWz4bigc4Yrz4Wy3_uuSIxf7Dg-4tjzgM4IYjoxpGF8X-ciIExQd1QniG9nYwnLCKbsn0F3Bv0hqBBbE-LJQ8PBRIX63J36aW-fmCl4Uk_LSdLoPJ1lGRTBvew7MBMnVg0v2-v6MqE51IF2mYnGamK5CsWr0af6yxBEjo50XauGnEi2wB7u4NeKwty7-vWHqq-sN7kGZAPFws832xyf_mtP0c-KXv9v1J2Y4pFIJF5Wm1c9EZ1igC6zKYCTvDdMAc8ltCBW2vv2WXDo2KgeQL8RMXy_oMGrDGIXFt8HsW3P_oL0Dm9fMfZL9UPGGdlGifN56Jiwq-tS5CzaqwvuXkDFDTNOtW1m-B9l3LOllgay6UCD0X-a9rOU1xjm1wM931acFuwSfsQzFNHH2fpU_MfQGGCOMf45tJ6xhRnqMCyUq62mFK8z5nfeY8LmNhUwTyelOe0IZyk-nKfs_vpqGfXIl6cTV6JYDCWyZzcVGHriHvMlNZ25Ql-UTBX3xYpZtWEKFHTL259y9IzmfkvOp3ZW73s9OLZxyLa3mGdTwUsPKzL5OfhK1wrsciEVmQMKymClt5EDr2b_GApDZs9nVRt50f-9sCyvyN1184_YqWWU_fKCF83uF-WXy_IZi3OWgmZFCRrQt3DpUsXrq3Pbil1dM2_c87Lhs9VrEdQ5yMe1MkvU2AJuAPcbM9dqHrBKAYfYsawjrLYnvmSll72O7ZlwZ6q6lX_tpP3EAqTs_AixZUi51_tOzMJyBuQU_FJNkrzX92UwDvHax7OLfj-0CBrMAEKNW_3waZ6lif622VJez5LXAdAuiaIcyZBhgiQufzOFPR51VKr4z7kXEJE1gmI3uKbz-7pPbduGWiR0QlCjcrHRo3-IEZv-4DkNAPUTXW_yP8WtKsAtRBZMbvYBBx8FzzRGqkTHTCDXi59fdQaUoi4aqLUTycL_LoEeU9OW4tNnqIuElSZukqClyJNbkVX9G4pjvf0WWX-9YWy0JaWc3uJpxVkyIICKF49tjBX-VNsZ6b3GG4STgpo6PUYCZVawtYxc39nV-i2rE8T1ra-ap_oT7V_-Y8fj5HfVCyqiww7kp6O54xIagBHzizSSmzbC-oRxGQJ3yMKceb77p5by41xrJFsl-AASDutPXt33L6NNWTplMzgZQ2OlRP7oAcOYLtEP2aMopC_ck536ylMR_oGc-dGsGd8AKJ5mvnpePOkVQP5uKbY8HmeYvDD2xZ6eYgra8OaT-WF2FjN9U4OIwYIKkprb6CHNzhe-RKtrLb9HF4h3hBB1T3IirK8ngTD7-bu86wzK76OP9jTbfSqjnMblBTfGHmGkSpuagZ52qAS2RLkjzLbnTMKYrseraLRWk7k7qqkANRpb26nAmxetefBvr30vXQSqyJbBlat46VSfya85OyVc-ivhOmoSuNrj1aEifQ36U5_4zfTxxITGWSfJ9WCYPQDbEjpsouwYMP0HX8TX1dqEpu6fe8-VXWq6maChoPZAIDcx4aHG4bmqBuJMVmuqOm-Rtjauy-ZliOphNNVY7sIGFdjxqJVA7OOFMCmGy0wLOPfeTxfwdNFmqBCvHJakeyWnipJC6CdRECohBtdSEphKcGChjgpaIj0vnWzC93_j6ePwPZRRV3kV8eMkgxwm6UABmci13X917JV30PvdCiXrJAaNfWKJaH4tb7bCM-ExBLzha6qOD325py3vPU_lebBfJ331BnwS7hfs0pOYznu99aDXF_AL9QILOC8oHd04dxwNbQL-P7Mo0cHoqcvGGENdOA8ybt6eTrK_fB_7OyKNGvNXaPOKoIAAbJYJQFuEoAg0SVMbqHnj7VVe3q_btPh-m5s8ebB7i3YAxG6DXUsPa156zb6CmbdVFxu7Vc4WN6JdV-c1TRorhjOPta-Vxdraxt9qlJuJvmhXXzzUUR6noK9e-d64muFTSDA3rCuLvC1Q-AX6mBptWHUNC7APonnlmAQp1SK1XI1Cpy3q1Ta867fwArqapHAkLgrNLRzFvZiK54IM09t5SqvpnU&cid=CAASEuRov6EuB8p3-6t_BKsYba_FMQ&rfl=1%2Chttps%253A%252F%252Fwinkgo.com%252F%240

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18a68496a3b2112ef25280442a1532c7c60aa47b9e4b479760a08af600e5a339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FD1 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjpbcAYICwrX9k309dh-OKur82t-2iXqWwKCSa5WaOC4go5dbgY69YD69bMxSHfteIOzrbc-7CXEkT-X1F5dSNLWYKdX9T9Uo3X8c7ZB4ZK1kVlxM

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8FD1 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8FD1 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FD1 119 KB
36 KB 119ms
117ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:42 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 8FD1 68 B
345 B 12ms
11ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31fl6v4gle&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDYwMjgzODkzL0hGOTZKTS9IRjk2Sk0tRERBLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTJjNGEyN2I3LWI3YmEtNDEzZC1iZjUzLTgyZWU4OWE4MmU5NCJ9fQ%3D%3D&sb=undefined&cb=5620924&h=winkgo.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BD11 0
23 B 45ms
44ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxtpdk66w9acXzHR7nDLxKBEtH5iNK0VH60-uxPARBI7iRpY6-dJY7jO6rSf7bgY30rMNbSobKFNsA9tk8dq_srIEtR8ES8mS9VAB59VkTOokUAdOvbb4o4uhfNtiE7gfElYDhcc6usWuMhcVqXNMd2_DqH6PQzf7EEh2STK3hbJuWdASjVxu6pLmcbpoi4g3wJ8FQRmjWMQp5RjkIBv6h12s3Zlq_y9dtPlbMktVC6YzR36rYjkaCCaqSo6opZGw4fmKd-g20CUGFWXkJZOd06bzTjDK_IDPDxIfNQ8SH28G63GkPyMH5jPqYQUNyTxTeknKUb8zwXNF6aUQvf_e_oIXk-I5djOtzrWw_EbNEH8XXmvnSCD8g3XscmI3CLeEBNuZ1actftVzcG1Fm86PT3izSFtf1266J8qlr5nK1h7-8hXkYYtezRjJ-1Ur9rsWmNXtP8jbAOJURem629V9IGIpN71AYkOjNFWa4ulJ16JrOfQD48qli8zJnvlznxsFBpzPIHpksvveRXYenbBFN-7_eVYgp_LKqITaahkcGYlY0KI6jVi6y5nGEYPo6JxmqC8aqd3-qvyGYLbNitaR06NgB13DXOcmCFiL1byFVJ-QDRUFslvN02jI0y_gY5Dw0bXxEvOu27GcSpHpya8c-tqxD56SkEGCWp-BvhMoApsC0biD8y_BB1I7mX8_T2dFGKiGBB91KSsJY7GUAYbarYUTHbEHe8q5JUv-9VlYazh3uJ3Ye_7ZprEIFI18Gb9GciPzlK8EJGeUfNf73BMvBqcgsWYMckh5hEFrP-RWVzzxR1Q4KX0tPDDFXcgNcnpTlCFFLLNLDNKr7d7nJpwX1mQGywgTK1RIuRazPJAYHsOlcA_YTq5e3NV64Yvbq9HPT6qNk74W-pjPtgFq84KPnXkHlwh2f3je9or6fFBfmz5FyR6ZpGd0OuDdZzRYbnnAVKNZYmx_EN5P0dh4miXwSdoBs2aMlOndZtywrn3FySuGztn6AWsIDeYLHaSIpf7XomIVdo5WOGbeo-At9Ss_3ZfZYV7Zabr9TQr59J5GAF9VRk650dXzVLNEjN3RiTIH4hBQWG49ScaDoElAlwD9BTsh_77PV8mNwd_2OV1fAxL_5UGeJeRuczQBtx5FrlJPfB-f2T4G0F-GW30tSJe5vyk0Wz-d50Hv6eAfEODJFx2VtrfN3s9t-dA&sai=AMfl-YROXwM5mJHQ7QoAWvM29Q9gyMNgLbxBvP4iliItua9FsjOhoxdSaG6UNLHBJ_76tXreYND0MUSR_KkO445tR9c5JfI3uD1ej2zE4OXI5uu_EX6D66UHTUNUwIGY3XkduxlKT-dWfLiucmU5e6kJBhYJzglnKJsISEySpsc&sig=Cg0ArKJSzL-WRJyn-VZaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=638&vt=11&dtpt=438&dett=3&cstd=197&cisv=r20211111.37569&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C4D5 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
DATA 200
OK truncated
/ Frame C4D5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd98444e75e687006110aabf16507b71a7359c08e65a4e99eda552475e60198

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 384A 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 921C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGK6S9bABMAE&v=APEucNVWaovU8Vl44aRK3_8kH0vOJZh7cEc9D5XN1I_hyls8OUhBv7NzWtJQuOeY3KynszUikGex-_wwYe2cpAqDNtmfnR_cZjgE_uxCMVH5i0FmkuW1AskM472k4tpI3GgJWuHGgAsofbHR2tJKShj5PAcDShFDhydGquU8RHLO3Uk93v2ftks
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 921C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

11ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGK6S9bABMAE&v=APEucNVWaovU8Vl44aRK3_8kH0vOJZh7cEc9D5XN1I_hyls8OUhBv7NzWtJQuOeY3KynszUikGex-_wwYe2cpAqDNtmfnR_cZjgE_uxCMVH5i0FmkuW1AskM472k4tpI3GgJWuHGgAsofbHR2tJKShj5PAcDShFDhydGquU8RHLO3Uk93v2ftks
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 921C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

43 B
1004 B

16ms
15ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNrHLRDe5dcCGK6S9bABMAE&v=APEucNVWaovU8Vl44aRK3_8kH0vOJZh7cEc9D5XN1I_hyls8OUhBv7NzWtJQuOeY3KynszUikGex-_wwYe2cpAqDNtmfnR_cZjgE_uxCMVH5i0FmkuW1AskM472k4tpI3GgJWuHGgAsofbHR2tJKShj5PAcDShFDhydGquU8RHLO3Uk93v2ftks

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fe563f50-4368-49cc-812b-3670be108f6e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 921C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 40df2630-383e-4cce-b426-f7c4bd9513c4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 fx21.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 29 KB
29 KB 8ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/fx21.png?1636459361941

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6ce547a81bbc60cfcb4886914e7233bc79d8afbddbf5e6bd759034c59335064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:38:53 GMT
x-content-type-options: nosniff
age: 562729
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30146
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:38:53 GMT

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 9 KB
9 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9355
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 6 KB
6 KB 8ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da9d256b7a0d5b69e9fddb56491463fecc0ae806c15a58f703cc00475c65c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6216
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 15 KB
15 KB 11ms
9ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131fc94431963db2aafd9df8e135a76ff12eb7a9c1701196a48c7c08aa1145e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15624
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 img-motif-2.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 12 KB
12 KB 19ms
17ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-motif-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257ee5eb94e65ae5ecc318ff256cf717b723e69844381ba1d217e56e385f5aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12191
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 3 KB
3 KB 17ms
15ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800b5e93616451d2bf1d5d1c21c827d92af53762800cbe2fc774ede2a48ea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2672
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 3 KB
3 KB 19ms
16ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

480cc82812c36e795d6ad86fb4627351331396178e063c8ac711366c0cc40df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3422
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 3 KB
3 KB 21ms
19ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 4 KB
4 KB 19ms
16ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe68999ebdc2cf1ca0dd4f1da397eaaf4a692da3901af417c83a4c34b3339dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4061
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 4 KB
4 KB 19ms
17ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 2 KB
2 KB 20ms
18ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1928
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DDB2 113 KB
38 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Nov 2021 17:57:42 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame DDB2 2 KB
1 KB 10ms
8ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Nov 2022 15:48:10 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8FD1 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 8FD1 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:56:58 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8FD1 0
24 B 51ms
51ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu54czuWrDasvZWGS4lncJl444qo6el-9V9EogH-DjUYA3BBCNia0pe5sDsMMqluyzK27c2-5n_T71k43KtDoS2zNi9mew9N0hNH1I6flgRpPzQg6pr4W5oosyKn_D9YBgLzAJDhNsNKhDyj-SmcIetStjp5g6w9cFTK4X5WwSQLa686RhzDgizJ5phmqzL9xf6V9Hh6ikWROKVx6KWvA-aKZ_SuXD1R0kWL7xrjCGtXENJ6C8wsIKorkStsXBxRDq9I_J9gYMTrau_YKVJTMQkd2yg4CbNktM2vJ2XSgRDlaPPDB4cr8TyEwiBaU19PDKcbY3AR7hu8uzY3KB1rSuMvGzTY5ZWKL4y7AnqA7KSkijzFVwQtlhgbehdwa61YoBoZuXacLnbSuRjvuLCuQP9wwb0bXZmuBHNoroyMUqfdroDZGOoiSoTt23F3Oye1UxoG3rRhgN63MUPMtw3iuz26ZAju9UxsUBwrv-46VmuyQHQjUMQqwdLSHwvNQF9Gk8rNfuNRpN29r4dw5Ji97eG6uC_gHucZed_Y27j307FNyai7kj1icuOrnaT7PdQfdb6CcYcn2caULpIw8xqaohDHBRTgZEOfdHcGukJt02U1srpae3ZUfJrDGeuzJ70JBcAgr5O5RYv7pdAShTGeXcPbwfotdB6rpTzXV_WMhpja1Xbj7vMYfwRsc6XuTELQWNO_3ecSbb2h1vLSs54dbt0FxyBs_XIuVKcKBaNqFj1Rh8XsAtQPLZWlgTZupLhDVnh9MAAkSGHtyJo9rLdrRpcVTp5De_ZqARHWupgRg4dbzzu5TFz0YaIaZH95pgkWwGf-ZGet4SdC1HRbN2qSnOtXFXjdLSWbLt1XBzeP_xTwUXr2xKpyQTzrBL6K4yOlSNTmBFajBPGUz-7enwm6TTE2lNncno-GG3jE56Dye9qQETi0S0ITaWu5vsR6L4TTnGJ6T8dMk4-3EFT5Ris1Q9drVFGyHj1-GphVMZpZAI_wPZm7ILg7DRqWUy29_5KDbQ2Y_1XriPgCEFqdBAihr6RVbJxAFiwKKflX8b4IAOBxmj92NnXYWYKbBnH85ZxRE4TnXxIn0_NjaiVf7NXGa7xvyfacdgB1cMMPfKYp0JpjtTNDJs8wwcVaIcehHCKtCTW12eMbB9xQIb4mG1YMVlr9ON3oWAKWI7sa-ItqbIczvsLBdyrWGvDDvNzpFPmYjGOew&sai=AMfl-YTpioz_8xF7i4nV_URiTKVUcezTuwpq7BoEdYV-tfMWFFTBOnjInDYHKMzytE9o_FgF7kh8wWSl0NQZncx2B8l32TcNl1SBLcVzUUDUs-KKqQpaFafWvk2lkrbmGWQdBZpQACrFctJT6MsmzSuLkOZ8BctcHg&sig=Cg0ArKJSzKTazzeKIIy-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.77054&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAVeEEwY5NpawxvZTvtZfoZgtkmXV--hY1-NUcs4Wyiy6lY6IFX4pY0nIgjKCBgwKkxzeBFHv9XL-wG8plzJKesYHS4xJdlZ-c5Z-dIklCwIM7Qy9-lE9H168zJ6_NPT8TUC0-FWUpE3R_4_GmfArDOGAvww&dbm_d=AKAmf-CBgsjO0usFM6TNSzoSBX6A2la4qWOFY97OxSFKpuCfOzRY0-nLUE7pjS1l9JNwl8aLY68eyaXHA6AfO_qLZeKWt7VyKW-6YVCSkbLfKFaNozQrImTVZtFduwwgiv-P4_uT1iJF0qQcoWyR5SyTziwe3khrX86j6IXNvKL70Rb-an1f7VmIyY3pAYIZ6azoGKgYZ0Jfmb_I_A50wM_MSpzi3LgWR8bVArXROdKyKiZgvBTs4Z5xHKVCiRYA96uqbWffM7xreeRa_5FpE1ckPGpYgM2bfCRwMZ5J9q8JwCDfeqcMqAUasAdhyWo-MHDJK8P-EIeXyA7abRfH9mZ1Jxeqx44-llpyjY6F1AVRkcXMZSM2fPLAt3LOkKw032HDSWeKw02wAlxhgY8I8okbRfhgdO7OfgpdI7QaKaEP8vz_FVTWLQ3_L-iWf2PrcKbD8pRuasYlzNDQXtJYbvh9_Ya8-4u7ATPEnTBL4bP1NQoXG1Ny44rTuSi44iT0C8GHF1Ugh8cwI-vanE_AkVwYoBgyhY1Ln6bv6ZvuSPZhOla4qEu-esXWfzm9QTRazf737gql1f98en7L7ChpOs1q-4-o3qMnS_8j1uG8NIE9IUl29L36noz152QQRFKCNLFOhC3d4RkTxqtUEYij1V9_do-V1dEgjVWetoTEOfYslcreN4tB3XNjo7S-w9zuceFstNkzNs7dfs_5IaSY_L-nxZj8LWZ7JWhz_e-RJDecs8I0hj_X4FVRlb9YPPd1hEtCUw1qtXMzeMm6s0Np2p6PsNTWSRYF1wXZxzooyAN16RckvyK97DbG0xo0wWzZGitQWpDbtwsBwXoQG0StD27wCHw1gl3kPIGdha45qlEruri_bMyexHZaCXrBywRNe1sPB6KTp1NmESr2-7enekk1zdtVAzG7_wjqLmSU1qJsNHpjcXY7WiHz61UbbACzD24d-nxwYJERG18a0sZqBq86UImvogY89GYSoU7kE-Slry-Hye6iI3lapMpNfzUU4TXAd-oWz4bigc4Yrz4Wy3_uuSIxf7Dg-4tjzgM4IYjoxpGF8X-ciIExQd1QniG9nYwnLCKbsn0F3Bv0hqBBbE-LJQ8PBRIX63J36aW-fmCl4Uk_LSdLoPJ1lGRTBvew7MBMnVg0v2-v6MqE51IF2mYnGamK5CsWr0af6yxBEjo50XauGnEi2wB7u4NeKwty7-vWHqq-sN7kGZAPFws832xyf_mtP0c-KXv9v1J2Y4pFIJF5Wm1c9EZ1igC6zKYCTvDdMAc8ltCBW2vv2WXDo2KgeQL8RMXy_oMGrDGIXFt8HsW3P_oL0Dm9fMfZL9UPGGdlGifN56Jiwq-tS5CzaqwvuXkDFDTNOtW1m-B9l3LOllgay6UCD0X-a9rOU1xjm1wM931acFuwSfsQzFNHH2fpU_MfQGGCOMf45tJ6xhRnqMCyUq62mFK8z5nfeY8LmNhUwTyelOe0IZyk-nKfs_vpqGfXIl6cTV6JYDCWyZzcVGHriHvMlNZ25Ql-UTBX3xYpZtWEKFHTL259y9IzmfkvOp3ZW73s9OLZxyLa3mGdTwUsPKzL5OfhK1wrsciEVmQMKymClt5EDr2b_GApDZs9nVRt50f-9sCyvyN1184_YqWWU_fKCF83uF-WXy_IZi3OWgmZFCRrQt3DpUsXrq3Pbil1dM2_c87Lhs9VrEdQ5yMe1MkvU2AJuAPcbM9dqHrBKAYfYsawjrLYnvmSll72O7ZlwZ6q6lX_tpP3EAqTs_AixZUi51_tOzMJyBuQU_FJNkrzX92UwDvHax7OLfj-0CBrMAEKNW_3waZ6lif622VJez5LXAdAuiaIcyZBhgiQufzOFPR51VKr4z7kXEJE1gmI3uKbz-7pPbduGWiR0QlCjcrHRo3-IEZv-4DkNAPUTXW_yP8WtKsAtRBZMbvYBBx8FzzRGqkTHTCDXi59fdQaUoi4aqLUTycL_LoEeU9OW4tNnqIuElSZukqClyJNbkVX9G4pjvf0WWX-9YWy0JaWc3uJpxVkyIICKF49tjBX-VNsZ6b3GG4STgpo6PUYCZVawtYxc39nV-i2rE8T1ra-ap_oT7V_-Y8fj5HfVCyqiww7kp6O54xIagBHzizSSmzbC-oRxGQJ3yMKceb77p5by41xrJFsl-AASDutPXt33L6NNWTplMzgZQ2OlRP7oAcOYLtEP2aMopC_ck536ylMR_oGc-dGsGd8AKJ5mvnpePOkVQP5uKbY8HmeYvDD2xZ6eYgra8OaT-WF2FjN9U4OIwYIKkprb6CHNzhe-RKtrLb9HF4h3hBB1T3IirK8ngTD7-bu86wzK76OP9jTbfSqjnMblBTfGHmGkSpuagZ52qAS2RLkjzLbnTMKYrseraLRWk7k7qqkANRpb26nAmxetefBvr30vXQSqyJbBlat46VSfya85OyVc-ivhOmoSuNrj1aEifQ36U5_4zfTxxITGWSfJ9WCYPQDbEjpsouwYMP0HX8TX1dqEpu6fe8-VXWq6maChoPZAIDcx4aHG4bmqBuJMVmuqOm-Rtjauy-ZliOphNNVY7sIGFdjxqJVA7OOFMCmGy0wLOPfeTxfwdNFmqBCvHJakeyWnipJC6CdRECohBtdSEphKcGChjgpaIj0vnWzC93_j6ePwPZRRV3kV8eMkgxwm6UABmci13X917JV30PvdCiXrJAaNfWKJaH4tb7bCM-ExBLzha6qOD325py3vPU_lebBfJ331BnwS7hfs0pOYznu99aDXF_AL9QILOC8oHd04dxwNbQL-P7Mo0cHoqcvGGENdOA8ybt6eTrK_fB_7OyKNGvNXaPOKoIAAbJYJQFuEoAg0SVMbqHnj7VVe3q_btPh-m5s8ebB7i3YAxG6DXUsPa156zb6CmbdVFxu7Vc4WN6JdV-c1TRorhjOPta-Vxdraxt9qlJuJvmhXXzzUUR6noK9e-d64muFTSDA3rCuLvC1Q-AX6mBptWHUNC7APonnlmAQp1SK1XI1Cpy3q1Ta867fwArqapHAkLgrNLRzFvZiK54IM09t5SqvpnU&cid=CAASEuRov6EuB8p3-6t_BKsYba_FMQ&rfl=1%2Chttps%253A%252F%252Fwinkgo.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 23 Nov 2021 17:57:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FD1 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H3 200 5477291186771460291
s0.2mdn.net/simgad/ Frame 8FD1 66 KB
66 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5477291186771460291

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

635dce808beb2af74700396f0b9f7c9e7994c8a83d357ede052be9420623459f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 13:17:13 GMT
x-content-type-options: nosniff
age: 103229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67542
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 14:36:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Nov 2022 13:17:13 GMT

GET
H/1.1 200
OK dvbs_src_internal100.js Show response
cdn.doubleverify.com/ Frame 384A 56 KB
18 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 17:57:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fb3411b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18242

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 423F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_BxgEQq7SEAhjOq5W7ATAB&v=APEucNU6IvFjXPTzSMaeRo9_v5jmPCrG2X6_KvO2J8GzdzpxLn6SiU0hxjAl2__dsUHpgGiXpwMxR9OuOrMBY9O5ncYHDTJeA_sNvzVM8hGfOwSs-ZWbzHyC8hSiimWmjcNzvTD15z6RLoiK_A1DCYMwwnLE6WF32CkkHPTfrNLXflLqDUpJLTw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 423F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZ0rldESqkOD6rApdX64nAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1

43 B
894 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_BxgEQq7SEAhjOq5W7ATAB&v=APEucNU6IvFjXPTzSMaeRo9_v5jmPCrG2X6_KvO2J8GzdzpxLn6SiU0hxjAl2__dsUHpgGiXpwMxR9OuOrMBY9O5ncYHDTJeA_sNvzVM8hGfOwSs-ZWbzHyC8hSiimWmjcNzvTD15z6RLoiK_A1DCYMwwnLE6WF32CkkHPTfrNLXflLqDUpJLTw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 17:57:42 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEERFeYWRoocYr0qgbRvg1uY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 423F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

43 B
1004 B

16ms
16ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_BxgEQq7SEAhjOq5W7ATAB&v=APEucNU6IvFjXPTzSMaeRo9_v5jmPCrG2X6_KvO2J8GzdzpxLn6SiU0hxjAl2__dsUHpgGiXpwMxR9OuOrMBY9O5ncYHDTJeA_sNvzVM8hGfOwSs-ZWbzHyC8hSiimWmjcNzvTD15z6RLoiK_A1DCYMwwnLE6WF32CkkHPTfrNLXflLqDUpJLTw

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0d6a0cd1-0c4a-4c72-bdac-a7aa3b52334f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEB0K9q_Lt8U4sr2r00DkhOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 423F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
X-Proxy-Origin: 213.239.209.3; 213.239.209.3; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a4e5695a-a054-4dec-b5aa-999082c3372a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzODIzNTc5MTE5MDg1MDU5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame A8AB 35 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 11:17:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6920 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 364948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A78 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 11:17:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3905 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 364948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 logo_WoWC_300x600.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 14 KB
14 KB 13ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/logo_WoWC_300x600.png?1636459361941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2b845724ee136d3f6503117eb5f21fe4864b7d1d9c33ad299584d7c8d3d7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:00:05 GMT
x-content-type-options: nosniff
age: 21457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14355
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 12:00:05 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 384A 2 KB
1 KB 92ms
13ms Script
text/javascript 213.254.244.11

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_915811362678&jsTagObjCallback=__tagObject_callback_915811362678&num=6&ctx=3758893&cmp=26194978&plc=309762279&sid=5775970&advid=&adsrv=&unit=300x600&isdvvid=&uid=915811362678&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=2.80&dvpx_strhd=2.80&brid=3&brver=96&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=148&eparams=DC4FC%3Dl9EEADTbpTauTauH%3A%3F%3C8%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauH%3A%3F%3C8%40%5D4%40%3ETar9EEADTbpTauTauf6ff_25367abbfc5g4a522a3___%60_e3h%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.60&callbackName=__verify_callback_915811362678
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6765dd6297c3c59194e9fe66b4e757c12477ac4e8543b521352ec195c2dec58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Date: Tue, 23 Nov 2021 17:57:42 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/22/2021 5:57:42 PM

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8FD1 0
23 B 44ms
44ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AEB9 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 23 Nov 2021 13:26:12 GMT
expires: Wed, 24 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 16290
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8FD1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfea431fd69ca69bd6341c531329f183e431a40e060cff6b9d9aca636d7792a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F03 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 364948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 msg_1_300x600.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/msg_1_300x600.png?1636459361941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ed366a8358e97bf42f3500c0069235c74fb0e540ef8b1b376866b18e055736f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:28:57 GMT
x-content-type-options: nosniff
age: 120525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3464
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Nov 2022 08:28:57 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C4D5 0
23 B 45ms
44ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfQBJk8dzSSLVLmkDEVkWtCuOPFNKUxl9Lvjwqq6ka9h45SSc-CP7yKaweQE4pnVMZ05_Wu35OgTSe8ujCDcDiWaNnOCfEV_bXa86egYVmNJfAQI74fdQA1wfcMMq4OPzmSiZLfYusAJM8nX0QqKgklFZm3gShqFYg-e3M7JDQj2DBnASW6CIB-yzdzsF5EQfJfIziaA3WJ_11j4hF2Js_CKpiH3KzkzTIjtK1TooubmcdJpTbdh6VaR8sMJqM1sLTeSXma_whOcG4z_v0Hxaa1ZoME8FvxOpV3k3J0L4v931FAqQwZ8-UmkVSEJbxBW9PH7ZlL2tZn_FRYVAYS_R-pYZVTL968QcWSgVVdhNnE_NuiawhpNb1vYcZuL7EgQIo0t3EZduOj-2Vt7IbKAbo_38SEHOYvRUUcjU70Rz9oqQv-9w2RyZavbtHjMFyUnUyQLR03b8mFD8zTHTypXKJTqChXRUMfFlLDN_8bgTpQRkSSYWN7pP_f6LD2wJGPGP7n9iGaEuEaTl0SWEP8ofBh0UkU_5ptKdUhaCYqMLB0az_HDijTOJ6wgu6T5RTgpSl5eHi2t8-0Rg5gBfy8RqvFU9tEepAf4gux9hbfR90qJelIpniTEphoqTZGoaGo9M915kZ-ad3TWEEb19GmA5-rFRR7zQU3Remb-0osyN4YOms8tAxuHwCqjfXJFWm4MfxN_mBqB0PutPTsrd7C3zOOfkZJ-qNYFNMc9vr-TLdy5pUSfGj8Zt3LABr5L69SyjuuXlCZvMvnE8dqtg5S6TSelMO_Fl-ytsftFCxocpOpF9ghDUEvIkEzavBKvGXMrGuqBLcLeL0pfNWYVJeXmzB407P5RcLlVxzuRbP6nx23yoVZ-WVfdZPYBC0M8vbg36KvopnQOMaxEbKNbI8ALZjJxia5_gQr9RIWfv3MpmYn3DKTSDgNhLpewZpU9T5lzF_Uhrkzu5hL9AGcl6c-Rg1e9hvCxx42u3RW3H7eHMqlZriinJh8p_dEAMq4cjsL3uhi0o54-330c-H2BBhhj1pK0Cx6SlznvK_2TZXz7j8y5ryTp4Imk_Eaha4ush_cWAWIO9aFRZrBDv1J6fCdXifT2k_7BRXnqtYfDbj6ww1ujcA4uezLHwuTR8YqVSrygSttVx8T6zy5AcpZHFH1KzmmcbI8uMgCeLEXRipFQ-Ri49vKTJ5h5F8h13A3LA&sai=AMfl-YQYEC1-vaStnedAdVRgKDpIjfYqDOKd4qEKfsCJ8Vk_44vJyyLGvc87wZFJxbuwqM-pylsdrYeZ35M24kgVIe7Wq0MpZjV-q-MdQayudx6t5R6-b8_QSzlrvQ7y4gXODQeIWqoBjVx4MdsUh9kH-3EC_DmYAaP1VIgDhRM&sig=Cg0ArKJSzFlfZhqDPebREAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=578&vt=11&dtpt=430&dett=3&cstd=147&cisv=r20211111.03464&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK bsevent.gif
tps20519.doubleverify.com/ Frame 384A 807 B
1 KB 365ms
8ms Ping
image/gif 213.254.244.11

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20519.doubleverify.com/bsevent.gif?impid=ee30f0a7d85e4904b452d7c8237b2fd3&vfdur=94&cbust=1637690262580919
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/22/2021 5:57:42 PM

POST log
protected-by.clarium.io/ Frame 384A 0
0

POST
H/1.1 200
OK log Show response
protected-by.clarium.io/ Frame 384A 0
337 B 54ms
23ms XHR
text/html 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protected-by.clarium.io/log
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 23 Nov 2021 17:57:42 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 20

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C255 1 KB
0 17ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 23 Nov 2021 13:26:12 GMT
expires: Wed, 24 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 16290
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 384A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1390597be1fe490198f426618ef8ebcfc982bf6c26402da743535d8686fcf86a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 msg_2_300x600.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/msg_2_300x600.png?1636459361941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22627059d26adcbaf0eee0c72859241c6fca3454a6984fc4b819c95c65cd7aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:38:50 GMT
x-content-type-options: nosniff
age: 526732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4703
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 15:38:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
20ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winkgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Nov 2021 17:57:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
10 KB 323ms
323ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2671688122751363&correlator=2420611356574712&output=ldjh&impl=fifs&eid=31063798%2C31063810&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211123&iu_parts=20842576%3A60283893%2CHF96JM%2CHF96JM-DDT.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ris=1&rcs=1&prev_scp=pos%3D3%26monu%3D300x250-160x600-300x600_B3%26directDeals%3Dsticky_sidebar%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26target_adx_floor%3D0.15%26big4%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=referrer%3Ddirect&cookie=ID%3D77a44e43919a5074%3AT%3D1637690261%3AS%3DALNI_MZuajWzYtUq0uLV5ywelv4ORkibTg&bc=31&abxe=1&lmt=1637604064&dt=1637690262684&dlt=1637690257877&idt=1822&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=6113&adks=1965279838&ucis=6&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwinkgo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x620&msz=320x620&psts=AGkb-H9eqGVvDMAk0x0-fNgZ00AhwkL6pQCCvCTPCSP6JjoIKQTZ3uMAbcza-C34JDz2evym6gGy60cruPOtpoT8Kho%2CAGkb-H_apoM3kbnD5fFVVNr6Fhg6WGM_368-7MDJBN2vggYiRJl5swUbt5IDDioXZe0umsxz-sI7T6-Rv45IyCViuog&ga_vid=1631351504.1637690258&ga_sid=1637690261&ga_hid=745961223&ga_fc=true&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

686661ed8bd9d82086a84775ff7cde8675c339f77302076d8f0def1b38313b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10179
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://winkgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 msg_3_300x600.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 7 KB
7 KB 8ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/msg_3_300x600.png?1636459361941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7e60ae0a744f11bec52f7896456cbaa940c4b1a028e4a0c125c69be09583efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:00:05 GMT
x-content-type-options: nosniff
age: 21457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6813
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 12:00:05 GMT

GET /
google2waycm.netmng.com/cm/ Frame AEB9 0
0

GET
H2 200 dpixel
cms.quantserve.com/ Frame AEB9 35 B
463 B 231ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHyekY1zEf7E0DECQo1zaTE&google_cver=1&google_push=AYg5qPJZhwaQoB1Dpaaia-60-Nqz4-j_1MOBqVWH6uVWI6V2x8u78FKC0F9fAxRL7uadKg81BGg_kVC9yb8UXMwvJrLIDK6-gg2WTQ

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEB9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMy3NcRqb3mztNef-_mrZIg&google_cver=1&google_push=AYg5qPKtFIrMIzbzi2SR1FbJ_zU09ymmGg4Dd88qwK-4rcbAY-uV5tKnJF_5IGVR24CED9EL1pR6ctiaRRbXpsUl...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKtFIrMIzbzi2SR1FbJ_zU09ymmGg4Dd88qwK-4rcbAY-uV5tKnJF_5IGVR24CED9EL1pR6ctiaRRbXpsUlKqngva30gowN1Q

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKtFIrMIzbzi2SR1FbJ_zU09ymmGg4Dd88qwK-4rcbAY-uV5tKnJF_5IGVR24CED9EL1pR6ctiaRRbXpsUlKqngva30gowN1Q

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 Nov 2021 17:57:42 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKtFIrMIzbzi2SR1FbJ_zU09ymmGg4Dd88qwK-4rcbAY-uV5tKnJF_5IGVR24CED9EL1pR6ctiaRRbXpsUlKqngva30gowN1Q
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Nov 2021 17:57:41 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame AEB9 0
191 B 245ms
26ms Image
text/plain 66.155.71.25

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDxYCrv4hMqOddr3GADNly0&google_cver=1&google_push=AYg5qPJBmzddVuy7gU5B6GdQBSaOWQK4FmbrB4qIjnTvRosyqNb2Y1dX_8BlegWj3Z7WQWPLy58I5DnInExTvlbx_oUZOFZl9a4Q
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEB9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENK9ZH8taQhg9x4ckdyVZb4&google_cver=1&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTijJszW...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENK9ZH8taQhg9x4ckdyVZb4&google_cver=1&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTi...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIxNjA1NDA5ODk0MTg3MDg4OA&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTijJs...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIxNjA1NDA5ODk0MTg3MDg4OA&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTijJszWPSyH5RwFDoqVn8JYbSKhsA

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIxNjA1NDA5ODk0MTg3MDg4OA&google_push=AYg5qPJ-y1Uley23edPMoBQhF2UQ8Had3jaL3pPL6Ivv6t-tmiokK0tsvEHNH4wcn01qJpuiKTijJszWPSyH5RwFDoqVn8JYbSKhsA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AEB9
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKfKTyZsZPkOOosLwxBXgsk&google_cver=1&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2w
https://rtb.openx.net/sync/dds?google_gid=CAESEKfKTyZsZPkOOosLwxBXgsk&google_cver=1&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2w&google_hm=agM5C6DfwNUqqqJbLYk9OA==

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2w&google_hm=agM5C6DfwNUqqqJbLYk9OA==

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL1kMwj29kUCaw1zpobyEUKwS4H_eLMhkhbkWALdUp_oco1CgRSn73Y9V1GMf0sDla6kFKX_bEDDh6WdtH-xU_U_9hj-r1B2w&google_hm=agM5C6DfwNUqqqJbLYk9OA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 34nibv88dr9vp7d6fv7m0e71d1t1g1on

GET

pixel
cm.g.doubleclick.net/ Frame AEB9
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEITS6V2Bp0Yq3S-zn_-saR4&google_cver=1&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hm...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AEB9 0
12 B 33ms
32ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LI7OUqfNzvaDRbJQpEt6NL28REc_whVIYF6Gl1DL5V5fkud0h633tpkrSOoe4tdUskidVz

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6920 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 11:17:06 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3905 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 11:17:06 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F03 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 11:17:06 GMT

GET
H3 200 rag_hotglows.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 8 KB
8 KB 8ms
7ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/rag_hotglows.png?1636459361941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6363112b94e878f10cfa25a0fd5e4937fd15600b9cadd26b3bd5b0aaf4b19c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:02:48 GMT
x-content-type-options: nosniff
age: 525294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7904
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 16:02:48 GMT

GET
H3 200 ragnaros_728x90_v2.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 44 KB
44 KB 8ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/ragnaros_728x90_v2.png?1636459361942

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ebcdc91dff1db71eebea3af4d6dd918a32140f93f4e230b5316ea1b737dd7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:59:00 GMT
x-content-type-options: nosniff
age: 561522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45243
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 05:59:00 GMT

GET
H3 200 tile_flames.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 40 KB
40 KB 8ms
8ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/tile_flames.png?1636459361942

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9084df56d5fcfee7de995cc7c9d80e0a4775d5183287af0a82d52de2d0d03a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 08:28:58 GMT
x-content-type-options: nosniff
age: 120524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41170
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Nov 2022 08:28:58 GMT

GET
H3 200 USK12.png
s0.2mdn.net/sadbundle/2463664828330245935/images/ Frame 2BE5 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2463664828330245935/images/USK12.png?1636459361942

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f5a3b91487d3f246aa7f6839ffe19dc664708ac591bd930d12950b4de79c1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2463664828330245935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 19:58:09 GMT
x-content-type-options: nosniff
age: 597573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1207
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 08:15:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Nov 2022 19:58:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8AB 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsjmflSudYYWkGMyS7_UPgOmDyAQAAAAAOAHgBAI&bg=!eHulez_NAAZQLpa_UC47ACkAdvg8Wu0WY6G1ax_zzX7zfIQpR8lJAnqU3PZ3gdYbkkMctpiRah8KHQIAAAEyUgAAAAtoAQcKABHGfwE5oDhKzN6VwR_9Lnwz4pkCy1Bf_mFchmr33IFI2L4-iC5Hh986sEkVwCd7BTfyw4-RuAglom8uCmfsC6ADDIiu2DrkX01RzjkddVbuTa881v1ThzLyP2ZS7hF2WmTxY_lCJTQji9aoUQc1PRcOhfkUCp9-REvXAZ-dAbx0gZbYUf7WummgN4sr80iCa5bcwW-f9d4i4X9Ei0-mVGFMDw3QwK9ZcFXW45-DMiAnfmKzBnEk4LuCKa_KMb6XLP3ik1uXT6AzAr2nSmsgVQp7aGNH6cEKNL4ZzQoIEewS82DRmSjqmF9msgDlPxZHcLgzZVWliokwHVa69OZ6XR3MP0tv0vQpqbUtIqgXsjL2YMRWB3cEQQYq38bfMX1u_6em2KyR_zazq6zDrhSJ1uM9_OXeEDuSyvxvvWmk-dmNgEKsqzHSZEZdnAmT2sXsUq7t_OqYEJJDopofj3uMhHDynV4TufPd5uKmBWhJiacHrAj0RyDyzQHSmIFdccEcO8oHs18n9sK0r2kB0gDoLZgqt9SYBCODGuXtenzpgbWBTMAF5KAL5e3y7l3oWwZukrEkZFgqKJOzotpSljOj8-ujoaa6LGZnM_gOPtqTqEtKPRS_hOJX-vBaUKAlpx_26eXmuSgztSge9ZUeT7SfgGN4sB4fHrtTj2u8UVsHQKV-W4KIqm8KYPudWNrLuM9ElR9qStTVsy1HIdAWt9Cph0gYkzpeHQYx7-Pbvty8eENo5L2ZkmLxqLdHFefGmjT3qK-X6WFoa299N7h0qgkvkV9EfQwyQjJrttJtSsVz2QEJZw2FqBdXnK82Kcmsnn_1gFFkdF5wjEP-tbYI955aD062n4rRn5gGfmI97m8cUsOu7XzdIa6a6WwwJjlafkEBOAJUEzYdUZKjKwedsZ1JEX4P4ETRtJkyRpGzoRN37YS65JIF6kUqlDDL2dOSY8wi9qWmCLdiPvjFYFA_2n6cWPw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7648 42 B
64 B 58ms
43ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTTPtExPAFWKQbal7VhU66t6zlsrC8R3yFBDYl3me8n4XeFOwSeO1EPxyLQu61TJ8ZG8gI-uA6e7RzOocm7FOzDjrwrFjGKOI6Vr43YOcsT0hJjmkI8g&sai=AMfl-YQZPn33IOrZ4UYs2zN6hUEEm6SDbQ7bDMcwB3bnlMXR1ItQzdxjSC_lbUqF26nb56J26ZHGfKxRi6TSAHz_lV-w-i2F-oAVb8qk4fVFCHlgGIbubyJKObYVR707YKWC&sig=Cg0ArKJSzAB8ib2AIO1lEAE&cid=CAASFeRoDfHAhYFXkAWqVJNlDwzrSvPPdg&id=lidar2&mcvt=1008&p=189,436,279,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2874304787&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637690261260&rpt=655&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A78 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcItQlSudYfjwG9-a9u8PzZ2HgAgAAAAAOAHgBAI&bg=!oKOlo-fNAAZQLpa_UC47ACkAdvg8Wjqd8JzmsjyQ5NpLzRfnncdTVGhdc-fNd1eS7pc3yyNGBBaZkAIAAAEgUgAAAGRoAQeZAtHSGzzjPydd1PGZI2vv4yBGGlWgMawFW7ToMEF0m_sCn1lSvXDVf9WpJ7ssEea4_IfbsnnSSvI5szmOmF0EOSXI4YvmFFRIDB6lv4FcQPetwKhuyrj2Z1r7QDGS9vql_pW0PEz94VnO3jmWLr1gl-eE5PAoY2YBjf-q8L4J9U3Ap9sAnhJ9dkXfb0YSk9fk3fppfSPH27q70NmDJBWhh3FFVXHcZ5qW1G6WRqe2AuL_Z7ydOTTr-1_VvFOusDDw0Pf6jqbXHlUQWsPSJKjoDmJ-HyMR1W8_96DpGqRCb-9Kn7lFjLhRFmIowefBsC596__pg0u6nM6a3sQr-acyLxnHoPzZo6caZzqj5oZR03_xUg9wPrXYQF8US3VwrfYt2ZwZNTUUpzKSY63qSdm2xjbR83AMWL1qODtibOMpITiDOJFlN7XXlA62cCeUy_Wl-AHP0ocm_S9ZOftsJnL7FBfbiIxDoPD_TDGXmOCjRTs0ej4MYqaGeG1a0u4Z--39-HpGpZy97_ouodvoFeUBeNYWaxIGmF0OBvwuBSfnxBqBZJNy09Lasd4ivUKp6QSR_ZNxMvAm5dNwtoDQ0rpFzmSAJgvIb0qE36ymAy-6lhBvvcX8GWBMJJreN9rHzGNSZb7DmP8sk9y3tNczu5flVKcuCBZa_3VykFeqkx0JtumxgOqslw072Ss5ATN8S5TcPbbUO2_sXBmwNS_Bl-IE1o9u70_b1xmRWL_i-pGOYrFKS78KhOKJ4eiE15s9SDkNzQT8Eq4wT1ntYNBcziHWcwUeHZ3X74DWXCTe2yoYS2ArijViC40PAnnml-jxbvF0UEOEDyu3d-pbFI93pil7ruGZnBpUOehQ1yU2J6etyGmpOy6h-cew6gxC8pyR8TMqM-FHERJDtzlad_zRjCW2Wos6ERWjeo7qwiK4CGI5ZbAHH56Ql8pKS5YkpZJZMLUGnf5g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST bsevent.gif
tps20519.doubleverify.com/ Frame 384A 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 384A 0
0

GET
H3 200 container.html Show response
7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9D8B 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 23 Nov 2021 17:57:40 GMT
expires: Wed, 23 Nov 2022 17:57:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
103 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=409717e8-a6d2-4ba1-85b8-4180be0b46c0&a=a.e&u=mmt-167199e8-4d87-41db-a36f-057bf8ffae85&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22target%22%2C%22dfFloor%22%3Anull%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22%22%2C%22monu_df%22%3A%22%22%2C%22ipin%22%3A%22HF96JM-DDT.C%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A5523952454%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3Anull%2C%22pagePath%22%3A%22%2F%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:31:46 GMT
age: 1557
x-guploader-uploadid: ADPycdsGWHnmhrUUoLQYpvp5c_wqZkwxSqhBnAut4Mpo87NJB2KYzEUgyWzdn0EM_McH7-cjsG0e1U1tW-YqF5DArFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Tue, 23 Nov 2021 18:31:46 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B417 640 B
316 B 21ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShC9oWAY4ou3uAEwAQ&v=APEucNVO69Ux8z7TBIaoNLvfl0n4K8FVSsOWxKIXSmf6IWs1RjvkCy23Yup3_A1TK00skglzYsobmtqERi_6L7x3htvggKKxQTiKHOejuJm_XrJUaoCj0gF2HN4kzboM_4emyedVoQOJXF5iNaxl8AICEvJRzRsJoZvTvdItICkCBABUy6d-4M4

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Nov 2021 17:57:43 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9D8B 25 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BW7AU3YXs8RQBm-HtMJ4yaCIqTMcT_54lQQoPYauNQrMxLphyOglK8zv6XzNocvfjp1ozGfQg7vb8m4opBMGBMMBtUba-vhD4BB4FmY6SlOQNRtiquYyvaC005E59GaUOZEKY0GhIPQiR1AxjBnX7aq257bw&cry=1&dbm_d=AKAmf-C0FVhHdTqOWumOD079Eopn_u7mNx61ymei4H1yPpCEkjr_wDhN8aGmMOus7MRTDSjJwXTHyBIWEgdOLnpxnHSH3T06k0GnhVVFN6k8yLptL2UNTc8I4kI10d8tc6yxu7XOXVcczAilZJX9Q7w73qs62-JRlwfYlGu7yy27qFQg55RLZrWGSNjfd_ZRYFDBicjSbXVAA91yuC4j95l-E_HWhU8RTP4bbivI6LhnV6fY-uQD1nW0HU5hoUmmHfIdf6V5FL_2BDql22zenho0VuFLoDwkmaepgYLCa46tBSRmUZ45iqnbI9bsXMeNAiu00CFNbJ4tuLoi2EreA58-cjj5mPLJNCIkvik9JP3qI7ZGRs5-W3BM-723XZGOwxZIaFbDg4twTxeBq9v2-zlOnEaGpruzrhPfFND44YgHdXIDP50SsXjVsZsC7BbVDJb6Pdek9u1fvgCg7hucx6Je4ITw-A7mYZklmNy-QEhuEkh_fBkeKHlUmZ3glXoWeLwxh7tsVwL7fA0i6l7epwScRJZ2vbB9puZ2RokP3KjBfzET_pXs8XTpTxbOpsJV42PFN0RPxpITyWu1DgWfKCT10sn823T5kzHOOyC0MLubztzGNO0SONAaFhYOB3Ld4JTLrbhdlQR3aYBq1xq8H9Xf9n-yPn4_3ozlhHbaSeb_ft-_G1qnyJa4M0tf_Z0a43kNvtNMs0cXDcCiTcGIHji-FvUGM4z0wwk_YVENjafogTgsSRuwjzs0YZJX5IrPS7M2jTo_h-iy1EFOv-ALOes40aPqkPhsbLXfSpzaatRkFXCTQr8obA_CbJkrICNhTcRNEcCA34eumc3FXYT0ZCJ6mxfgGXAwrGpex3HvJ2EALK4BShrtUxAPAvvAay-ESs_yXNE46iQ1rq8O5V2sM3HFtwXp4iHZFR068nLRuUaDw_XVno_n6ozZjCIFbMIGH_5AJiOJv03ZUCej5YQSNSvZ6xDSOXejBK8-ho3FQTuseoTXHkyQJNjJVpk10nCXX3BvHRrNJ_jZI1hdW7hQsSBv-bKgjFt2JDQoxKK6p5zCMQgrnR-HoWnL6MVNoTqwyhNgbWv3-ejtorvV79Ro1rufXLKXAfejLUlzjjmY6iMoFZP0zCC-Zo2XQ9a3qyElXgXJuWxwQ0KkoGELH2PGiP_SgPamB2chp_MACpb9BQtgHv4P_VdpcnXIdeJfvtd7fMjZj3WML1mr7qxnhy-dE8BCffKDmR7D_Hc7aedQfKujgtcR1kmSukf-YoUWWN4_e0EcOBKNw8KIboYRCcAHNeHyae36bfWv91ZpPitDpz1Fiu3WqR2rkn7E269RiBpv_24dCeeEbCd_gRpE2IrxFUm7jZuvWtxXycniUaeEM7V_r_1mIRnOfgUDJjWRxke8znrqfxqBC2WVnV3FAdhloIyPIZw8ZblQ2C_mLXJR6M59L2n49_Mf71QocQmiweGuDL4aNJdfoAikaMw4b0AIhZGqnHua_SO3vks9kWO06j7EpK7eslvrnZKXp153wUcjDVgGP96MhCBoUJIGbR9Gv1MPebKrI1FggjbXbeoJABq58-HM6TSPsuAy_tDzsxU9_alxAqc2ZHnJV-WOn-TowroSl4P4UOv6XRfUM9afEpDVEgTS5BzdJUz5--m4K6JP7piOkC_A7LmpyGN5xIjZgh7nbDTkN7ajpmVOUskurLWsgHdUuOhCy7zLm8n1ybk50PiEcQf_9BDYg6E6OBu9YpHQJsgacy-VWp6kHLKVEL0STXlSxFe6Ees8FV9qytlDcdS_X4bDlbE2xt7bjD97COLMUw2hs8B8fN6ph8wYoRQGFBAhzmIECU-3gnzjnilzxB6CqtCaK4cXWOVA1O8NnXdg-UH-OfeMnNz72FUan0sIST8vvG5xz8wA0f5TsNnb5c3JH72tFuY8Bf7dgN21STk_Ze1Wc3g8_EzJf6mPoNEL70Im2D8ujm7XBxRXBaflzKnDnanwRDSxm_egFv9sCQCOSqJ5L8DtUkQlIslxPlkeQ5-2KWfQYVPeIBjhbIYJQuSkR_uwdjXluFw8Ms-fMoagSL3npB90NeO6lwL9v7i_4Zx1gOa4zg0BSm9-sHnFi5OC5Ai6QKVlyQFw0bsIOfkQAtSZYAacy6qK_YPSD9T0VrZeBu_a7LanGYf3xepKzBjFfldz6USXp6H3rbs2rMZoAEAH-y4QaTHMBaRaQGdQGyvTeuAtRmHwxn1NyRDzpcvgWqJlKR8Q03iIhA739CVn72ca8ZMWYBwmIvg0c3YQo3Si2y9bY-AYSITqDw9nsMOf2UuPLkuwh9avetMFvdtdvU9BoJ7KhaQkCY8M_2rj8bTayEg-SUQ2h9jblMyybYWEQ7CH8ixblsxxSKmoH5k6IWGN3RQesEXbWt4XZ1sp-HG6N5Yt-hVilgGahWaMv80P6cL1-FyhpT6qRCBh1MDQSPsaHhSlgHqcZl0HX3gyLQnSWcMnDY_fer2C-LCPsoeHBno7nrnIa7m480urX1tpxemHmSSKUCf3liXRGJkKyd79XDBv2aPBUCo9_6dOWaU6ficp01pnNQwg9NfA534KjFQhKeIDToHZelPkiMj-BXSdX_4JEr5Zk-wEqpXJDs9DZolDcE3XvJrMElye1G5yy0rNJsb5RWnVXKVtkNYZLVLYOPM1uOHs7rGf0DeqxfzGaPhCT5T1A8B4irFCPiU5-DHlEs3ya_CzqlHyFWellp1qsyX6FuYgEjsY81V9bVTS6oFr0feaRdGO6CajVSWijQoPmUInrTwPf_nqTLv_LQ5VZRGaUdDhq_UcxmQztEuJTTdodFeK4Fg0xhELkp1dFaX-oGuRAII7GoTD2yTlJ0-YNDQn4LD8mVVM0S-aTMIG-DCrcJYyq9fd2QyrL0S1-apTg4FC4NO3ptGFJ0d0oMfwlby_PVqnfW8GFu7iMMakxHNRbW1QHx8hqDpRKuNQJ74iG7-6vOhnqsJWUpD_GXYOEPUcrP35kZpwjbWIZJ9L9VC1gkpNEf1TuWIRitBnXDbER3RihQD30m3-A4hxsmGcYaervUhMcDDQDUh1nOyRrhE97wwloAKT5Il59h_yTJa_uyBBFA2skwuGosmrzETKSjurvKQ&cid=CAASEuRo3k8dbGJgIAWcY80ieZwJMQ&rfl=1%2Chttps%253A%252F%252Fwinkgo.com%252F%240

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57fcb5ebc2a58f019f505fe18bacc6c16ea38a01dc1ad7e8b073a8020203b619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14821
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D8B 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiNpICuMkHn0aaHZEnxMGrupAKmnxArSz2mb-ZoN1bP_YBllr4C8KXwoZesJ2UCQj4nICqQPUf1zzA0hHHD0KCI2HVbmZVCBfyFQIDzrnbdCuUDL8

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 9D8B 16 KB
7 KB 65ms
11ms Script
text/html 54.93.158.246

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1077215701&gdpr=&gdpr_consent=&w=300&h=250&ncu=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC3N2xliudYaXFLLiR7_UPzfqFgAyhopaNZui6voi_DrL00uCyARABINjV2CtglYKAgJgHoAHo-_-YA8gBCakCeb0Qw4Tcsj6oAwGqBO4BT9ACEX_BtBxvO6_mRUo0RI5QPcNBs8nCHRbpJaIZQVqkd2nutC-B9aZ--4_G2nnWb24A3iv3Y1tQyHD_j9gAQdxYfE1YwLSAVPXicfHTKjf2KN-NGF-YI23sKZ4l49oI39xqggmUCL0StzTG69K21mtS31Y61uhJ5PhvWMniOA7F7bbOpruiMk7zAu-T8skAIRa-XRPeupSCqQqdgXtZ2Lsh1DfuJVITOk77u1QCGqeNHYtUTsjDm8SJoLuGu928Fu4QG50c1vkjNVq7nny_Cj2dzARy8ifytIa3ONIiTnm5rm3V9NXMYpnJB34UIMAE98PzouID4AQDkAYBoAZNgAeAhIBnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xMjk4NTI4MzQzMjU5NDM2gAoDmAsByAsBgAwBsBOH_IcN0BMA2BMN2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRo3k8dbGJgIAWcY80ieZwJMQ%26sig%3DAOD64_1Be2HCcm5FigTC4dvSnckskozGTg%26client%3Dca-pub-3944954862316283%26dbm_c%3DAKAmf-ABowIUEwiR8O8RzIeetNcXIVhc1d86Felb_58KwyXdqLnX1uV7eT4QHlEvLOC9UyWvPkKqkdrnKZVP64TjG73V8WKLPVpK2vbPNFXiFo9EI4t01IeKyk4MSxp_XHNNZWDtvrGR4ixyccdp5Bf-f3-iNAmtrg%26cry%3D1%26dbm_d%3DAKAmf-DSxlaaS1htaeLLSQvG_Z4uzLDGMuGQhUAot9nzMXKStkR6f8k0Z-L-poFd2yiTZ1thzU4dmcGvJYUNEM_ujrRIeP-TeaQCEubL0O_IeMlq7gcAZMm7SX_HmG-htpI_PGSw_KBf3OrjuHfM2Vdv9E3gVVDLN0kGW0R7JaSfRGXeAU6WTZN9ENBeRwW9ougPffMRKN9VSjBnMXoTZmtKnkvAmoF7unrqqJTjSDQS_2DPxfiDKm9mZ2o-bJ35BV4zFl1Oule3GxbwqUksBphHzAuL-qD_gvhKR6JQ2m9WDOJoBjLNf2ID3gSqZq5JJlrWR0OcL-3thwOAefQktvAoiddEvCC-MKAfGK_JA76nzRc5IGS0nJFttPeaGsEgxse1IaqlF5p89ifNMhD4JLakuqRJqFzH66oXuqspgiDn1oIcAeVJggSZLf6VOe140lHoSgmwZVxA%26adurl%3D&e=0&ord=1637690262729765&z=0
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.246 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 355dd28c5b9870937eb906c5166b5efa86572169a23d20dad056039a6491eec7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 6636
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/852329/57872888/ Frame 9D8B 47 KB
14 KB 205ms
57ms Script
application/javascript 52.18.126.50

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/852329/57872888/skeleton.js?ias_dspID=3&ias_campId=15097833995&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=386778594&bidurl=https://winkgo.com/&ias_dealId=
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.126.50 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: d8bf28960aa7da7a49624bcc2e9e19d4f7dd227b0f68aef2b3c160ee0630f5f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9D8B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:50:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9D8B 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9D8B 0
0 16ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQm3-1u5JiTW644oEqKT-43iq6MZiZW6Uji3empfJAhRerYZC5kUVUaHy4d2vu6RJGVK8l-PEJI_An1kzaYXFiN40hKYA
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D8B 119 KB
36 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Nov 2021 17:57:43 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 9D8B 68 B
345 B 12ms
11ms Image
image/png 18.194.83.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fl6v4hiq&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDYwMjgzODkzL0hGOTZKTS9IRjk2Sk0tRERULkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTE2NzE5OWU4LTRkODctNDFkYi1hMzZmLTA1N2JmOGZmYWU4NSJ9fQ%3D%3D&sb=undefined&cb=510269&h=winkgo.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.83.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-83-218.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:43 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B417
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUisUjgwrNcG-wzZnzeQ48&google_cver=1

43 B
61 B

19ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUisUjgwrNcG-wzZnzeQ48&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShC9oWAY4ou3uAEwAQ&v=APEucNVO69Ux8z7TBIaoNLvfl0n4K8FVSsOWxKIXSmf6IWs1RjvkCy23Yup3_A1TK00skglzYsobmtqERi_6L7x3htvggKKxQTiKHOejuJm_XrJUaoCj0gF2HN4kzboM_4emyedVoQOJXF5iNaxl8AICEvJRzRsJoZvTvdItICkCBABUy6d-4M4
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
via: 1.1 google
server: OXGW/16.220.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAUisUjgwrNcG-wzZnzeQ48&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame B417 43 B
131 B 23ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShC9oWAY4ou3uAEwAQ&v=APEucNVO69Ux8z7TBIaoNLvfl0n4K8FVSsOWxKIXSmf6IWs1RjvkCy23Yup3_A1TK00skglzYsobmtqERi_6L7x3htvggKKxQTiKHOejuJm_XrJUaoCj0gF2HN4kzboM_4emyedVoQOJXF5iNaxl8AICEvJRzRsJoZvTvdItICkCBABUy6d-4M4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame B417
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPacJllMs8tfIQwaCX-oy1A&google_cver=1

23 B
172 B

66ms
45ms

Image
image/gif

104.111.242.245

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPacJllMs8tfIQwaCX-oy1A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShC9oWAY4ou3uAEwAQ&v=APEucNVO69Ux8z7TBIaoNLvfl0n4K8FVSsOWxKIXSmf6IWs1RjvkCy23Yup3_A1TK00skglzYsobmtqERi_6L7x3htvggKKxQTiKHOejuJm_XrJUaoCj0gF2HN4kzboM_4emyedVoQOJXF5iNaxl8AICEvJRzRsJoZvTvdItICkCBABUy6d-4M4
Protocol: H2
Server: 104.111.242.245 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 23 Nov 2021 17:57:43 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEPacJllMs8tfIQwaCX-oy1A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame B417 23 B
172 B 107ms
33ms Image
image/gif 104.111.242.245

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CID6ShC9oWAY4ou3uAEwAQ&v=APEucNVO69Ux8z7TBIaoNLvfl0n4K8FVSsOWxKIXSmf6IWs1RjvkCy23Yup3_A1TK00skglzYsobmtqERi_6L7x3htvggKKxQTiKHOejuJm_XrJUaoCj0gF2HN4kzboM_4emyedVoQOJXF5iNaxl8AICEvJRzRsJoZvTvdItICkCBABUy6d-4M4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 23 Nov 2021 17:57:43 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 9D8B 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 17:52:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D8B 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 19 Nov 2022 12:35:12 GMT

GET
H2 200 ebStdBannerEx.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_213_3_0/ Frame 9D8B 302 KB
84 KB 36ms
8ms Script
application/javascript 92.123.225.41

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_213_3_0/ebStdBannerEx.js
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.41 -, , ASN (),
Reverse DNS
Software: / ARR/2.5
Resource Hash: 95e88b75b9150c889892b55c2c6b2de8bf182222e5ae610c8bc24732a6e3b8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 09:54:08 GMT
server
x-powered-by: ARR/2.5
etag: "1f92109386d4d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 85546
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C4D5 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUw16imncEF8nTkZ9PjY8u6TQHU_iHC7r_HmNFD1t8I0N7k1SpLvHBuVzgcKp7xX-S72BBQfuctm1FWoKrNiOpPLN8XwGAv1pkiOMd3ANYaiF0FiauXA&sai=AMfl-YTXAw-ruFPNDWusDDGKP0zjDjLAEatBTElE4Qzmwoq160oST_1Y9MDiHxcxt_yyhOxdRukbJjczB0sPDDx0_EGhRyMYqiZRRpmuwm27pmH94LWUch7sbMfRf8tsqjI&sig=Cg0ArKJSzNJ3QO6TAgQCEAE&cid=CAASFeRotI4tJnuLwm6UX84l9t2xef5cVA&id=lidar2&mcvt=1015&p=950,-19,1200,281&mtos=761,1015,1015,1015,1015&tos=761,254,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1740942225&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637690261517&rpt=756&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8242 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: winkgo.com
URL: https://winkgo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 19 Nov 2021 12:35:14 GMT
expires: Sat, 19 Nov 2022 12:35:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 364949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6920 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8COPlSudYaWfL9zJ7_UPyeSKsAMAAAAAOAHgBAI&bg=!gYKlgsbNAAZQLpa_UC47ACkAdvg8Wmvylg5wsxc2GMjGG4zjoxAcDJZLX9j3PuI2MMNTbOV7_l71iwIAAAFAUgAAABBoAQcKAG_avvtW1MWkdy1wRna-WLs9rVE7Y1qBK60-J1345WuaCJIJbrIn-dxEwSL9tL_ht3gKEAjQ-cKQgtcLNuFb9khoS7EQ4BL48dR1-gv3-fI2KAKKUCVvxNAUQz4P8OIipxINdQFf8rqJIqF1Dze_A0uZAswayWh02FTOK_gOGkS4uAEcLvHzrKXt3nhRJQXgaKQXREOZExtviJg139rI72yCRn9xYSfyKiTNdNE4vyG5QXCVXdS5QS1cOEzd_eMNO-Co0rCg3BrOFzUHnwkhpjbOv40O_fDXJ9wezqiKY9WABbNo20-Ge31fWb2-XV19ShYkbri-BFv1iEJJYxdXqFuk0DUO5qQliHNe-2TemQWT6UDDYBbsHogMpG_8rtXUrWbLErUdejnaKkYJNZUWpyMch0e8LGQQS65RCeRETPyKkNl9IGIqmBbI6Y3x7eztSMVXbasbKDO8dsjz0MdapFXG9oli7ih8bfhL4NSPj77PNeIBmBhu9a4j7jmq_oteauSk0rAeRKQW7A_HpbaO9wN4go1i-8CcaVuJUPzXmPwRSyBf3m9R2GbOkvXnJ0OPLHdSCHa5iRFID1jKgXI_UE2zp4TxMK2nzzcQ4q7lc_jZxTK0eUKx_aHeJeR1xrUAT_BRtEYXTDlPJXyG-x1kwqZ07QY3tHUhmM5LuZV6dBaWfpjnQ39MWUgKaUMAX7NftCqcFjii-JYxdNJubDufUruMpzs-mDTg2pN1i7Qy24MfZ8UDjgKv5FGmXagOWGodqRXVrAS3ZpEo-k8CUANxKVDJdQ_9eY04PneqjKBD-Rz3u_QiHtzNGflD7q4KwsmWFFZxRv7c1qV0Z7LqFhkGrh56rdkoAesf2yeDEmYm_02GewEvExHdCZYZIdn5TG1LPs6DPlZOlY6I7LGAOC5y4Yiet7TB-E0QogbPyn3SEuYEYR3qOr7luTvctZKbMgeyZlCsrfFcoUgU3ujKJk_ycHeZJVWCUvdP4mC46DMxXqlRhZ-eQqH7vOE3ixmSTBbrl1RGXz8ULzAMN-W7NhfC_iBTSnQzZrNucZRNv_LEVDof-7kKCCLwEEBi1FBCu4yhZRjy7cPY99F1hjgFXnIjyg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8242 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 11:17:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F03 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHOutliudYar4DJmS7_UPlJ2bmAIAAAAAOAHgBAI&bg=!BwSlBEDNAAZQLpa_UC47ACkAdvg8WiQQxJO3zEsa7t5jILl1ZZXrSYUYt51inRndRiVgAN3MVBFR1AIAAAFSUgAAAA9oAQeZAsjtx9tp50CPWWcK_dFybxPI6Cl1ntYjUGP2RiowaKlbnLv6KVqcY8D8StVfk1ysqJkWyzB5D2xMqe2_JgKOi0sRBSP4dmcqOpyggUYkeZZ1KLNxcU7dMYK1DY08GaTojL1g19NmIKG9j3sg9Ce5n1KtviExq8RAS7qd5bxAtbLhMQAQlO9iYoh8ok1SnR1G4l7ttq7ByH31aGqPV_sDtFXD1A1vwpEUQpeiMTgm595zWNuaLRR4hyqLWMmixHRujjTEb2p2HP-lXq8AnLfM22COc7n25wpH-GQYuK7bea0aaziKSF4UsQ6KdrMztda49KJYQnpxxugfOT_kVHLH91OJTELQzmUjG1cYjlG26DKNj0QrVchD_TU5iRm30g4na2cOT8wQfQ9_HgBnZxft-qqXTUENyQZYKpjMTXc4IkVSslY7BMUnfvQHRhpe9cdH0crKgCPmMSMczNye6fybov8z7dd0OCZgvyxydbyI7s8MHe_PRSYHdkwQ9qI6F_7dhV67KmV_J6rcKtZHOj8_vztUy71dLOPjqDKbTizL8ZZnoWxVYGcDvhYEkTk4gqo-klcu5ZPT7lyEHDs9owYRuozoLu7nU8Qh3mRd0SdSA1VliCJvoHW_RXgpfsq1uLEInS3a9uP94S6S232Bm8KohZhcbqt3SYkt6gTL4tEswODX4ci7-YkHceyzjhzNLdIue2VxiJXMiOQSQllu1TgbdLMJqWSyjT2Y7lMhj_mqUD6C78CBKeVMU5wLHMRgpLlGQaAq2lN_o52TU4xrXMf1zrqgRYtJQNjoqtWtTRTC_sPtoL7YpxXGel7Dw3HXlXY3D-JXLcm4BEfYMRdIbBUoIOqAMHFNuLSZoYJ-9OuoPDqlU3RsOlk-bY8vSDtv6Q735okk1Bek_c27L2rdEkYrkqpy3C_bHH82V9OgJyZNRDqn2p1aPIHoFeOb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame 9D8B 187 KB
60 KB 46ms
10ms Script
application/javascript 2600:9000:2156:400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 72985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: Nn29D54H_EW2i3jVcK9tVwn4mAXdgmvaMj3tk60bA5bL0b9ISRmTrw==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4C51 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 23 Nov 2021 13:26:12 GMT
expires: Wed, 24 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 16291
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9D8B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23d4fd6211a60a89974a67c5ac871714d2e78173538269baa632f6f2de0dca85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_80_0_0/ Frame 9D8B 7 KB
2 KB 8ms
8ms Script
application/javascript 92.123.225.41

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_80_0_0/URLUtil.js
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.41 -, , ASN (),
Reverse DNS
Software: / ARR/2.5
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 09:54:08 GMT
server
x-powered-by: ARR/2.5
etag: "143ba89286d4d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1985
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 IntersectionObserverVisibilityProvider.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_80_0_0/ Frame 9D8B 10 KB
3 KB 10ms
10ms Script
application/javascript 92.123.225.41

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_80_0_0/IntersectionObserverVisibilityProvider.js
Requested by: Host: winkgo.com
URL: https://winkgo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.41 -, , ASN (),
Reverse DNS
Software: / ARR/3.0
Resource Hash: 34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:43 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 09:54:07 GMT
server
x-powered-by: ARR/3.0
etag: "d369619286d4d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3012
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 300x250_Purina_Dachmarke_DCO_Always-On_2021_Medium%20Rectangle%20Kopie_66043144128439639.gif
secure-ds.serving-sys.com/resources/PROD/asset/107936/IMAGE/20211018/ Frame 9D8B 133 KB
133 KB 14ms
14ms Image
image/gif 92.123.225.41

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/asset/107936/IMAGE/20211018/300x250_Purina_Dachmarke_DCO_Always-On_2021_Medium%20Rectangle%20Kopie_66043144128439639.gif
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.225.41 -, , ASN (),
Reverse DNS
Software: ATS/7.1.0 /
Resource Hash: 90f07d0dda7845f34045de9690b4af23d7b1a1fb50c9df7bc414064a96fe8002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: J1XRRZ3Y_PWxUjL2Zgw55LsmdPFijZiT
last-modified: Mon, 18 Oct 2021 13:38:05 GMT
server: ATS/7.1.0
x-amz-request-id: 33A6JN50SK796GT7
etag: "6b429e6f40fc1045d24d7a95e30a8574"
content-type: image/gif
access-control-allow-origin: *
date: Tue, 23 Nov 2021 17:57:43 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 135686
x-amz-id-2: BvmjzPjvUQ4AwiG6B6tixxgVl//RC30OFb0fYAEniVN6/CfZezMNhZJiu4kpnQtHa39rJK8oKm4=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FD1 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvigj7-oGk7NHT63Zpa-cPj6l48sRQh-P5uA6LwMmBakEFFGkUH-NlfgtMZE4QnZKN6zFlsMw-2MdNn-Ni2KBbOg4MT1u5r6fu-b0En6HxTjOLQ6ZKgrA&sai=AMfl-YSFjAwPEZrn4BJQ20lxZMU-_I1FhbhYEIAoT1C7A7IZYEpS_UF2yfP6dZQSPH76W8dobnMuTJgXN8DiUKq0ims-XSZkUk6umyaBpVlLkjQfW2v6IypQtj2zNDM&sig=Cg0ArKJSzH8qRIBQNaYWEAE&cid=CAASEuRov6EuB8p3-6t_BKsYba_FMQ&id=lidar2&mcvt=1009&p=1110,436,1204,1164&mtos=0,1009,1009,1009,1009&tos=0,1009,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=4248062349&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637690261979&rpt=432&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST evt
lm.serving-sys.com/lm/ Frame 9D8B 0
0

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame 9D8B 24 B
629 B 12ms
12ms XHR
text/html 54.93.158.246

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=5632933378343800075&ai=1085160415&usercookie=u2=7bdb4f3d-1133-43f2-8654-bd6297b0e1c2&oo=0&clsrc=2&clbv=_2_213_3_0&gdprpurposes=1023&dg=1076518868&sdg=1077193928&ctick=57&ord=0.48120360701256315
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_213_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.246 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame 9D8B 0
504 B 11ms
10ms Ping
text/html 54.93.158.246

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=1085160415~~0~~1076518868~~5632933378343800075^VsR~0~0~01020~59^VsRAg~0~0~01020~59^AdStart~0~0~01020~59&usercookie=u2=7bdb4f3d-1133-43f2-8654-bd6297b0e1c2&rnd=0.8843803386571156&flv=0&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_213_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.246 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4C51 0
104 B 155ms
60ms Image
text/plain 2a02:fa8:8806:13::1400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEABTsfPnKO2NgX-_rY7nss8&google_cver=1&google_push=AYg5qPJrzwvpzpiz3Jwaa5MdlXMeeXrv-p8MnJzrq_O-QWuFS63mxS52OSD8qtYUIemUlbD9vyRDWQbx0bDCi-KWmV08DDa80dv2
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C51
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAxo8dlm8lV4fIPPsVuDoKA&google_cver=1&google_push=AYg5qPKVR79tfMtQBu0UmNWlPelvNcrdv1rF_robfJn6utg2m6B-iJj3z1po5hlaGuMqwVqvSOTyOkOszoR...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKVR79tfMtQBu0UmNWlPelvNcrdv1rF_robfJn6utg2m6B-iJj3z1po5hlaGuMqwVqvSOTyOkOszoRHyHLzIEngXLKnjDbe&google_hm=f0a1anXuRYOzeYnSfdcp1AM

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKVR79tfMtQBu0UmNWlPelvNcrdv1rF_robfJn6utg2m6B-iJj3z1po5hlaGuMqwVqvSOTyOkOszoRHyHLzIEngXLKnjDbe&google_hm=f0a1anXuRYOzeYnSfdcp1AM

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKVR79tfMtQBu0UmNWlPelvNcrdv1rF_robfJn6utg2m6B-iJj3z1po5hlaGuMqwVqvSOTyOkOszoRHyHLzIEngXLKnjDbe&google_hm=f0a1anXuRYOzeYnSfdcp1AM
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C51
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJULumQ3r4CHZLlNXqddSZg&google_cver=1&google_push=AYg5qPJv6PNq7bWtUKw8QSvTt0GPK_B3r5rR_S8AUoak6nI-tLFjSbOrKICAgkmqUxBIxN6f0m1vyXFzX-eNs8F-...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s7d0t-8PSSS-PHQuJuQW_g2&google_push=AYg5qPJv6PNq7bWtUKw8QSvTt0GPK_B3r5rR_S8AUoak6nI-tLFjSbOrKICAgkmqUxBIxN6f0m1vyXFzX-eNs8F-H0gBteoWh_Yp

170 B
188 B

36ms
35ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s7d0t-8PSSS-PHQuJuQW_g2&google_push=AYg5qPJv6PNq7bWtUKw8QSvTt0GPK_B3r5rR_S8AUoak6nI-tLFjSbOrKICAgkmqUxBIxN6f0m1vyXFzX-eNs8F-H0gBteoWh_Yp

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 23 Nov 2021 17:57:43 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=s7d0t-8PSSS-PHQuJuQW_g2&google_push=AYg5qPJv6PNq7bWtUKw8QSvTt0GPK_B3r5rR_S8AUoak6nI-tLFjSbOrKICAgkmqUxBIxN6f0m1vyXFzX-eNs8F-H0gBteoWh_Yp
x-host: tde-deliveryengine-production-d7b5884bf-scqwt
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C51
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEG_i67BikM8BJ7803A09DdM&google_cver=1&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJ...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEG_i67BikM8BJ7803A09DdM&google_cver=1&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJ...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=j5cn3hAoGEOK179O7jIOMQ&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJM130VwHp8vp-XKyqJu5m...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=j5cn3hAoGEOK179O7jIOMQ&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJM130VwHp8vp-XKyqJu5mT4-l9EhdaAmOP42D0JV

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 Nov 2021 17:57:43 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=j5cn3hAoGEOK179O7jIOMQ&google_push=AYg5qPIqN3yExrky4lcJSqBNI8iWJ9fanAs4x6vg5M7ITbYPHpXSlT0KODikJM130VwHp8vp-XKyqJu5mT4-l9EhdaAmOP42D0JV
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C51
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Np67aOxzTleRc2Q-CfJk8w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Np67aOxzTleRc2Q-CfJk8w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL58SbyrCKc7jsebVtz0H1nV5p-GjF1Xe2iUu7OB8fomkLfmHlCUKaMYc4FrX6xp15u3E-k0fK8ww9StSECRHA005-V7NU_

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Np67aOxzTleRc2Q-CfJk8w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL58SbyrCKc7jsebVtz0H1nV5p-GjF1Xe2iUu7OB8fomkLfmHlCUKaMYc4FrX6xp15u3E-k0fK8ww9StSECRHA005-V7NU_
date: Tue, 23 Nov 2021 17:57:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 4C51
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEITS6V2Bp0Yq3S-zn_-saR4&google_cver=1&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlB...

0
0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 4C51 43 B
71 B 41ms
40ms Image
image/gif 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEFyx6SL7mL9fJ4KTIEsdD6w&google_cver=1&google_push=AYg5qPL4bQuG79AqlG30Y87_ZvlPpEtYSVw1Q1H8u3QevVchYZrp_8ZbnRjiZfWvv-vyKC7hwbzANwUaS4L6bN09osnExoFB0u7ODA

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Nov 2021 17:57:43 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4C51 0
12 B 35ms
33ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLzbr-FAFTI7j6QVpjy7p19Os3IQhs-pNjaORXDZPzzn9GEXKI_JgWlhAhs3U_gbmKptvS0Q

Requested by

Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:57:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 9D8B 0
406 B 10ms
9ms XHR
text/html 54.93.158.246

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1085160415~~0~~1076518868~~5632933378343800075%5EAdParams~ifr%3D2%26loc%3D0x0%26size%3D300x250%26cb%3D0%26env%3D0%26vsbp%3D10%26bi%3D-1%26idx%3D1~0~01020~73$$&usercookie=u2=7bdb4f3d-1133-43f2-8654-bd6297b0e1c2&rnd=0.19458528260029273&flv=0&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_213_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.246 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 9D8B
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/852329/57872888/skeleton.js?ias_dspID=3&ias_campId=15097833995&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=386778594&bidurl=https://winkgo.c...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

8ms
8ms

Script
application/javascript

2600:9000:2156:400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:2156:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
age: 12043307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: loc1xtZBD8XF_vX1e0JRt0G_Tq1LptKJ4SDAaMDdBr468Oexjgzz0w==

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 7F34 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:2156:400:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
URL: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:400:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 4614553
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: N6wWJ48-8ecKcy9Zl1Xk0Li7N3fzDkhlwdwYsUGNypQLGxygpMme2Q==

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 9D8B 0
406 B 9ms
9ms XHR
text/html 54.93.158.246

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1085160415~~0~~1076518868~~5632933378343800075%5EActualSize~300x250x0x1x0000x0x0x300x250~0~01020~121$$&usercookie=u2=7bdb4f3d-1133-43f2-8654-bd6297b0e1c2&rnd=0.10648951682523666&flv=0&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_213_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.246 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 9D8B 43 B
301 B 337ms
113ms Image
image/gif 104.244.36.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=852329&asId=b4303504-349d-7311-43f0-01bd417afd3b&tv=%7Bc:uOyFga,pingTime:-3,time:168,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:141%7D,%7Bpiv:0,vs:o,r:l,t:167%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:168,n:167,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:141,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~300.250%5D%7D%7D,%7Bsl:o,t:167,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPBXrMi+11%7C12%7C13%7C14%7C151%7C152%7C153%7C161%7C162%7C163%7C17%7C18%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.852329-57872888%7C1b1%7C1b21%7C1b3,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:43 GMT
X-Server-Name: dt58.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 9D8B 43 B
301 B 307ms
86ms Image
image/gif 104.244.36.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=852329&asId=b4303504-349d-7311-43f0-01bd417afd3b&tv=%7Bc:uOyFgb,pingTime:-6,time:169,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:169,n:167,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:141,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~300.250%5D%7D%7D,%7Bsl:o,t:167,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPBXrMi+11%7C12%7C13%7C14%7C151%7C152%7C153%7C161%7C162%7C163%7C17%7C18%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.852329-57872888%7C1b1%7C1b21%7C1b3,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:winkgo.com*&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:43 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 9D8B 43 B
301 B 291ms
87ms Image
image/gif 104.244.36.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=852329&asId=b4303504-349d-7311-43f0-01bd417afd3b&tv=%7Bc:uOyFgt,pingTime:-2,time:187,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:306,beZ:307,mfA:428,cmA:429,inA:429,inZ:433,prA:433,prZ:440,si:447,poA:448,poZ:461,cmZ:461,mfZ:461,loA:474,loZ:476,ltA:493,ltZ:493%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:141%7D,%7Bpiv:0,vs:o,r:l,t:167%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:187,n:167,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:141,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B42~1,0~0%5D,as:%5B42~300.250%5D%7D%7D,%7Bsl:o,t:167,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B20~0%5D,as:%5B20~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sPBXrMi+11%7C12%7C13%7C14%7C151%7C152%7C153%7C161%7C162%7C163%7C17%7C18%7C191%7C192%7C193%7C1a1%7C1a2%7C1a3%7C1b*.852329-57872888%7C1b1%7C1b21%7C1b3,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:44,readyFired:true%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 17:57:43 GMT
X-Server-Name: dt71.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8242 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bid0hlyudYc2WCfT33wOm0KagCwAAAAA4AeAEAg&bg=!QUKlQgbNAAZQLpa_UC47ACkAdvg8WiQ5aO3noH-vyU894gKZZRZjsE0A5tIO7g--3oyVQvNPYP_s3wIAAACqUgAAAApoAQeZAscSu5wQcExSjXInivU9gZIzwpbYXU7Qz4jijiziQVOsjtGX3mvlhI5kAApdw7qVEVut_RmwO40MtDpYkhoDw56jOHiMBjfrKKxtFlqeGp7hmfw_y1jF8yDHPNeNa5Osau7w9czlu0ifUCbRlqlM3tzx12EYMHrMLaz1NKFPthmPJWeEpBQnwdXPfbyJpk1EAZTneX6SAn_z-cS6TTEM2KXtIebatT0gyEiTOacxtp6llNSq2IK3gEasPYDJgj64XMAtdLQD0IQDbQIpEwH0ZQasmDxuPF7u91fAE7pNzDiDNL6d7fWOpOFHT4cAGhxv-N2DzIDb6uA3a2Y2xqPmpX9FhGdtn55ehzar-yGy9aqypKtU9l3JKNmUQyw4dDbA2KPv543zdzbX3Lhj8oCyvwvN5YKBM8JmnyvzwgU-UOB5EBev_emk8s8WY_G1oNArB66A0yCSZHgca4RfIVdDBiXY2f1CuVjyzNmFqbSaPdvT8viH3n8GkzXDlO8UKVS3neQP_y5Qn6NUJM-HFgCBjZbdY0ntk-o24p8qoXkpZ9i7QaVjxq9Vuv33A53c9btpOn4xjT4OSbBB1Xxq_iXTJwMGq0ZXMPMxFcljdXQBzJ2H52v7g1JeS2PthPx8VKVx_maqIkgq_STDWn_a6-SFHPmhET65Aiwfrph0TNNGxh5Hqsy6o1G2uRhlcn6oGpjaoPoQ4xRdqEshR4LWudS6hDwKpV8jrCjcDSMOmOJT4lnMJlN0SWewACeKX1R-f0JY2jbRmEAFCDna3GpUraTo1tKwt6ylxZGbSPC_mA70S3Ke4ndTgmtRMQ42hfwphzUiG50VeA5efiZIPkWlmzjfVjKizFUG2Ds9Czwcf3YlQWu8QYWVUpqXpoguDj_VZaudExaJ1AiPe9CNsa2MZekBMqdEP7862cMG4Y1BQ0gzQff2vJPH_-rYKrg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 17:57:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dt
dt.adsafeprotected.com/ Frame 9D8B 0
0

GET rid
match.adsrvr.org/track/ 0
0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 7F77 0
0 14ms
14ms Document
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

Server: nginx
Date: Tue, 23 Nov 2021 17:57:43 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap2ams1

GET /
ssc-cms.33across.com/ps/ Frame AB38 0
0

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 6726 0
0 18ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.220.0
date: Tue, 23 Nov 2021 17:57:43 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET sync_iframe
sync.bfmio.com/ Frame BABF 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 53BB 0
0

GET index.html
cdn.districtm.io/ids/ Frame 2625 0
0

GET sync_iframe
sync.bfmio.com/ Frame 4DFB 0
0

GET checksync.php
contextual.media.net/ Frame DAE8 0
0

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 7110 0
0 17ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.220.0
date: Tue, 23 Nov 2021 17:57:43 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET sync_iframe
sync.bfmio.com/ Frame 8229 0
0

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 0F94 0
0 13ms
13ms Document
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

Server: nginx
Date: Tue, 23 Nov 2021 17:57:43 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap2ams1

GET sync_iframe
sync.bfmio.com/ Frame D46E 0
0

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 0B60 0
0 18ms
16ms Document
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13208641
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

Server: nginx
Date: Tue, 23 Nov 2021 17:57:43 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap2ams1

GET 2000033.html
sync.serverbid.com/ss/ Frame B7D5 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9759 0
0

GET check.html
biddr.brealtime.com/ Frame E819 0
0

GET 2000033.html
sync.serverbid.com/ss/ Frame A7D2 0
0

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame A349 0
0 7ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/f/1/941660-e74d-49b3-b265-5d8e96eedd3e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winkgo.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 23 Nov 2021 17:57:43 GMT
Connection: keep-alive

GET checksync.php
contextual.media.net/ Frame AE6A 0
0

GET sync_iframe
sync.bfmio.com/ Frame 6F73 0
0

GET pd
u.openx.net/w/1.0/ Frame 1B75 0
0

GET checksync.php
contextual.media.net/ Frame B436 0
0

GET ixmatch.html
js-sec.indexww.com/um/ Frame 575F 0
0

GET index.html
cdn.districtm.io/ids/ Frame 61D1 0
0

GET beacon
ap.lijit.com/ Frame 6865 0
0

GET ixmatch.html
js-sec.indexww.com/um/ Frame 4617 0
0

GET /
ssc-cms.33across.com/ps/ Frame 40B8 0
0

GET check.html
biddr.brealtime.com/ Frame 0DA3 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6BF0 0
0

GET index.html
cdn.districtm.io/ids/ Frame 5FB3 0
0

GET 2000033.html
sync.serverbid.com/ss/ Frame 6510 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4332 0
0

GET 2000033.html
sync.serverbid.com/ss/ Frame 6998 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: protected-by.clarium.io
URL: https://protected-by.clarium.io/log

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEAz83WcmcDw9vpja3_oAb6I&google_cver=1&google_push=AYg5qPLhVTVWPJXqAKnuN1LaVD_A6OPAd7Oq5-MEjEEafYpCYoO0VWhdeMV-_P_sVFnsKsFRSDC2mSrtCfqOnaxpHhjsBieCJnYH

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIbbE3ANIyaPtlmcXnOoU9v-T_DknhU-V8xTR-JgfbR9lninBBO3UWIerTZjAF5Hf9MAqoDk-gHpBXgOcKeWYzm6kof8ohL&google_hm=YUVCbnMwdnY4WnRkT3hmSkxPbDdMbS1YY0otd01vVGVKcEJ4U3pmSDE4TQ&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Domain: tps20519.doubleverify.com
URL: https://tps20519.doubleverify.com/bsevent.gif?impid=ee30f0a7d85e4904b452d7c8237b2fd3&pltfrm=Linux%20x86_64&cbust=1637690263032348

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwwOP1N8-QpDICp1l_scGskNsUpNYSlu4M8mgqNTivUvX_FE2QZMBwg_LvzO5Op3HZQjJGtZoVHK7vl23t7k7xk-9OxWuKCm75tyzTXccD8e9ctd6qDQ&sai=AMfl-YSRYL455F5o5v8nHalHmW5dSGtuMGYApNjwehbC-KrI2SSuytPjgMS9fVkNNevsjEuNAcBMFhuL-Hx6GrQxChFMcNtN-34ER6ABLoniLwiT1oaqYI_lS_tsRjrC&sig=Cg0ArKJSzBSZhp0256OuEAE&cid=CAASEuRo6Lx8kkUaIj7x0GopX5t9Ww&id=lidartos&mcvt=0&p=6113,1050,6713,1350&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=1965279838&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1637690261858&rpt=809&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: lm.serving-sys.com
URL: https://lm.serving-sys.com/lm/evt

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJcUz00fbxKRxMo2kEmTXqeH6sO7-4ut_0atzbPE9Y-3aCkPBU6Y3pY3p_JGEVh0nSdq-K5sDJilNUsyRKYh6n-ivDlcjnm&google_hm=Z2lSM3gyYm5YSWQtRVlBcWFOUktaSzBUZVcyYldESEtianJUdWxnTmh0dw&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3&google_hm=3

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=852329&asId=b4303504-349d-7311-43f0-01bd417afd3b&tv=%7Bc:uOyFkZ,pingTime:-10,time:467,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1637690263817%7C%7Cfcb9cba3816f5b0d765fa3cc34996f41%7C%7Cb4088f046bf9a570f2964ffc86d258ff%7C%7C37c7104c3f2c621dcb64394d3136919f%7C%7Ce6fda0752d15627e2765ffea54004712%7C%7C4dfbba3fbc925a81f15a09fe65f9af2a%7C%7Ced2da62acc1d9141bf5fd65e6e5c440c%7C%7C702c6e37b0890cd7d6a9a22dc1ba9676%7C%7C1629390669%7D

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1458

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bT2WDOzV0r64kqaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined

Domain: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690261082

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972

Domain: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html

Domain: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260838

Domain: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Domain: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260957

Domain: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260835

Domain: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972

Domain: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.html

Domain: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html

Domain: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Domain: sync.bfmio.com
URL: https://sync.bfmio.com/sync_iframe?ifpl=5&ifg=1&id=Monumetric+-+Display+-+Header+Bidding&gdpr=0&gc=&gce=1&cb=1637690260953

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Domain: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=2033%2C2030%2C251%2C175%2C3018%2C157%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C3007%2C201%2C4%2C246%2C203%2C126%2C226%2C80%2C10000%2C9%2C229%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID

Domain: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html

Domain: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html

Domain: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13208641

Domain: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bT2WDOzV0r64kqaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined

Domain: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.html

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972

Domain: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html

Domain: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972

Domain: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winkgo.com/	1970-01-20 16:26:02	Name: _ga Value: GA1.2.1631351504.1637690258
.winkgo.com/	1970-01-19 22:56:16	Name: _gid Value: GA1.2.1311913391.1637690258
.winkgo.com/	1970-01-19 22:54:50	Name: _gat_gtag_UA_3289316_12 Value: 1
winkgo.com/	1970-01-19 23:38:02	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adsrvr.org/	1970-01-20 07:40:26	Name: TDID Value: 96c8c645-23f3-44a4-a297-a52f0bbd8faa
.zergnet.com/	1970-01-19 23:04:55	Name: seen_crc Value: %5B3868095854%2C774300853%2C820235126%5D
winkgo.com/	1970-01-21 18:42:50	Name: session Value: 409717e8-a6d2-4ba1-85b8-4180be0b46c0
winkgo.com/	1969-12-31 23:59:59	Name: aawp-geotargeting Value: DE
winkgo.com/	1970-01-19 22:56:16	Name: _lr_geo_location Value: DE
.udmserve.net/	1970-01-20 07:40:26	Name: udmts Value: 1637690258.0
.udmserve.net/	1970-01-20 07:40:26	Name: dt Value: 7C0B59CE-062C-3830-AD43-8541A97608B3
.winkgo.com/	1970-01-20 07:40:26	Name: _pin_unauth Value: dWlkPU0yVTVOREU0TlRVdE9UZzBPQzAwWkRrM0xUa3hORFF0TlRWallqZGpaakkzTjJFMw
.adnxs.com/	1970-01-20 01:04:26	Name: icu Value: ChgIzZp3EAoYASABKAEwlNf0jAY4AUABSAEQlNf0jAYYAA..
.adnxs.com/	1970-01-20 01:04:26	Name: uuid2 Value: 1938235791190850590
e.serverbid.com/	1970-01-20 07:40:26	Name: azk Value: ue1-sb1-059312d5-7393-4365-ac09-f1712d6d464a
.gumgum.com/	1970-01-20 07:40:26	Name: cs Value: true
.gumgum.com/	1970-01-19 23:38:02	Name: loc Value: SfolTs1ZIlNoB0VN6SqJW2PQ45JJh0eaJJy6DFAJOS8mvA0QjXoIBhD-kAFLVupwGyLppyr87AOiHI0AodqNmf_HB0O8wUWpj2qr3YXR1SUqa9jqS-Y2Xw
.gumgum.com/	1970-01-20 07:40:26	Name: vst Value: e_e73610f4-b313-46b9-bed1-54ed09163d54
www.pinterest.de/	1970-01-20 07:33:14	Name: _pinterest_sess Value: TWc9PSZzOWtRcStrTWxLeXVxR05MSFBhbWtySW1KWXlTTUEzSE5DOThzZ0o0WTNKczRhNFhZSGZjNjVwa3YwSnltWU9RN3NlbjF3dDVCbnNCTHpqZjU0SEF3TU5sTXFwN1N3eXNUSlhjN0hyQUdhSUNzV1phUldpRUk5MldZdVBwMTF1TyZlQmd3RlNSVkdYa21CUDU1clAyT0pQSHk3ekE9
.doubleclick.net/	1970-01-20 08:16:26	Name: IDE Value: AHWqTUm4dTcnHvQkugEoSdVCslR5dzOiccDFtqWtac4WN-7fg5jaH_Qm94_p4Xr0xp8
.casalemedia.com/	1970-01-20 07:40:26	Name: CMID Value: YZ0rldESqkOD6rApdX64nAAA
.casalemedia.com/	1970-01-20 01:04:26	Name: CMPS Value: 3229
.casalemedia.com/	1970-01-20 01:04:26	Name: CMPRO Value: 1212
.winkgo.com/	1970-01-20 08:16:26	Name: __gads Value: ID=77a44e43919a5074:T=1637690261:S=ALNI_MZuajWzYtUq0uLV5ywelv4ORkibTg
.adnxs.com/	1970-01-20 01:04:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#m=56O!]tb[8i_iqf!oN/@E'zz<Z0Q0Rj?4dOd`hQgtZx//9Af#12Cdx%`ukB%xc<QG=%9sk@3@'s>T0z)P1
.casalemedia.com/	1970-01-19 22:56:16	Name: CMST Value: YZ0rlWGdK5YA
.casalemedia.com/	1970-01-20 07:40:26	Name: CMRUM3 Value: 2d619d2b962760CAESEERFeYWRoocYr0qgbRvg1uY

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://udmserve.net/udm/img.fetch?sid=15629;tid=1;dt=6; Message: Failed to load resource: the server responded with a status of 412 (Precondition Failed)
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-453253ac42fb77e8017e5987f68efef3' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
deprecation	warning	(Line 3) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7e770adbef23374d8c2daa2b000106b9.safeframe.googlesyndication.com
ads.pubmatic.com
ads.travelaudience.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
biddr.brealtime.com
bloggernetwork-d.openx.net
bs.serving-sys.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.districtm.io
cdn.doubleverify.com
cm.g.doubleclick.net
cms.quantserve.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
contextual.media.net
ct.pinterest.com
dclk-match.dotomi.com
display.bfmio.com
dmx.districtm.io
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
g2.gumgum.com
gcm.ctnsnet.com
geo.privacymanager.io
geolocation-db.com
get.s-onetag.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image6.pubmatic.com
img1.zergnet.com
img4.zergnet.com
imps.monu.delivery
ipwatch.monu.delivery
js-sec.indexww.com
js.gumgum.com
lm.serving-sys.com
match.adsrvr.org
monu.delivery
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
prebid.a-mo.net
prebid.media.net
protected-by.clarium.io
rtb.openx.net
rtb0.doubleverify.com
s.pinimg.com
s0.2mdn.net
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
ssc-cms.33across.com
ssc.33across.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.bfmio.com
sync.mathtag.com
sync.serverbid.com
sync.teads.tv
tpc.googlesyndication.com
tps20519.doubleverify.com
tracking.m6r.eu
u.openx.net
udmserve.net
us-u.openx.net
winkgo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pinterest.com
www.pinterest.de
www.zergnet.com
z-na.amazon-adsystem.com
ads.pubmatic.com
ap.lijit.com
api.rlcdn.com
biddr.brealtime.com
cdn.districtm.io
cm.g.doubleclick.net
contextual.media.net
dt.adsafeprotected.com
google2waycm.netmng.com
js-sec.indexww.com
lm.serving-sys.com
match.adsrvr.org
pagead2.googlesyndication.com
protected-by.clarium.io
ssc-cms.33across.com
sync.bfmio.com
sync.serverbid.com
tps20519.doubleverify.com
u.openx.net
104.111.242.245
104.16.68.69
104.244.36.20
13.32.99.35
13.32.99.88
134.209.131.220
142.250.185.162
142.250.185.226
142.250.186.98
147.75.61.140
151.101.192.84
151.101.65.194
159.89.102.253
18.156.195.47
18.185.195.105
18.194.83.218
18.196.230.57
18.66.109.174
18.66.112.29
18.66.112.32
18.66.139.114
18.66.139.91
184.30.24.193
185.29.134.248
185.33.221.89
185.64.189.112
185.64.190.78
2.18.234.21
2.21.141.169
213.254.244.11
23.37.38.181
2600:1901:0:333a::
2600:9000:2156:400:8:48e:53c0:93a1
2606:4700::6813:9b5c
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9c
2a01:7e01:1::ac69:92e7
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:291::1931
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
3.33.220.150
34.107.148.139
34.120.133.55
34.149.20.76
34.233.22.207
34.249.15.20
34.254.8.42
35.186.193.173
35.186.236.140
35.190.0.66
35.227.252.103
35.244.159.8
37.157.4.29
52.18.126.50
52.22.182.4
52.222.213.35
52.222.214.22
52.222.214.35
54.93.158.246
66.155.71.25
68.71.249.118
72.251.244.140
72.251.249.13
92.123.225.41
0045f969f90c37c95013b7551b7f4c86360f601c9f599209d65a22a2367b7542
02861230820ae5d14cabd05ab5af71cfbb32a9f1daefb898260205665b90d87b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
041f2f6b399cab4d99d9a1a39d1c2c07bda14e21fa693f81941fc22113e38360
0596121f2d2d72f22a21fc3696c5e81e7bac5a5f711471419b37bc7c68c516db
05f30bd964d0c7a058add5138107112c0597bc53e88e8320afdd226e5de06055
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
07b8f9cc260ddba7e5a0899f13ac76f6ab9e0ed6bbb13873c09994823ccf5735
07c979abb4701b52ecd2b324a01a3473d94702f28bb72c2d3deaf8b66d207253
07d37037fac00adaab8d3068112bf139d2249facc615e9fc6674ce90f103f48c
09bd3ddd60e1a12a9efbb1340190552cef95bc3992fe5037a1fef81a6fc7fb23
0ae60eba744f8b4ed8759131f555b77df7a664d8ec5b246dca3522654519793b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8
0c8cce6f8be090907e1e9256eb1ca7ffa124a753e55cb7ec1af617b5dcf22bdb
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0ebcdc91dff1db71eebea3af4d6dd918a32140f93f4e230b5316ea1b737dd7c3
0f5a3b91487d3f246aa7f6839ffe19dc664708ac591bd930d12950b4de79c1ab
0fc8d1b983fc49854d710bd6626a38ca5a69c752158ffec957306ece255d3bc8
10189ed67cace0be73ff2373965a786e1424c49fa0c3de49aa7617bbf4a4212b
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
11377efdcdf0b6a9764f01724abcfa837b54dcefef12accdc51263a1cb334ae0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131fc94431963db2aafd9df8e135a76ff12eb7a9c1701196a48c7c08aa1145e9
1390597be1fe490198f426618ef8ebcfc982bf6c26402da743535d8686fcf86a
13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac
147d53c57e0e6f608761dc4a643878368988f8318bd8ac4613c24582cd2139bb
153302ccd34df160b9a5c101e8abdfb45f802882ae11ba76b51f7a59f4071e8c
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd
16cd42bf46837474bfcf3d585ed9d2e005e1eae47686dda2bb113dcbd8b44e1c
17106df066ab8dc40eeb9326a3fec2b8d5c8133156d2b1307212d8dc42a6acb3
18a68496a3b2112ef25280442a1532c7c60aa47b9e4b479760a08af600e5a339
19a322a6ce7f67fbeafc4643d7a82d74329ad1bfc65ce20b09bd13a8fb4ce93a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cccc2be6d23b4219bcbf3b897ffd927913519de2feb8f5c3f16d05f21e0d757
1f10c634618a8a3daef3d917e00c838fadf34f80a11cfd31bc30440e40e77d75
1f385f3708c38ff3f42ba085f985b0a42d1e45b30361da6319e3c262bf713133
1f412e81137554ae350dc45cdc1066664cf1cf6b3084630e374e33bbfebe3ce4
21058f112746e4377b9de51eac84b90cf39cd87a98baf4c4720feaa6ac148bbc
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
22627059d26adcbaf0eee0c72859241c6fca3454a6984fc4b819c95c65cd7aaf
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23d4fd6211a60a89974a67c5ac871714d2e78173538269baa632f6f2de0dca85
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234
25761a27938f7b8d23f1672f36fba30a594623322cd9a058416c5b2f1bd262d6
257ee5eb94e65ae5ecc318ff256cf717b723e69844381ba1d217e56e385f5aa7
26753d248f9d962b5c798450bc07b761409337d98cf358792e19aea1765ba5c4
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
27a1ae63debbb1d821a3d93f3a110553b7a7714ebd272dc6e8915b3a9f4ab3d3
27bc0cb7e7e10d7caf0982f160c1860cb1957c710ee64ad3a21af29ec4a1edfa
29310cbceff398a7f94703bd75cb127867f9184b2c8a67b1582b6825bfde10c1
2a21726b782f929e57f2e9111bb223a5cbb85360637896fdcc8ff6956931c044
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb07bfdbb9c8e4f74d67bf241759d4a3b6972513b5818da576106c8e870e62d
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
2d6c09bfd0f692c0d7b1fe4f83aed1928715c8ecef5e2dc23177d3ab41f56f36
2e44c2f4e3b0aac4787bad4cb59f788a4771d900c1c9dd34eae7498d4780c415
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2ed366a8358e97bf42f3500c0069235c74fb0e540ef8b1b376866b18e055736f
2f827eb7e4e6d612a9b212b3e3af04a6b264b9a72186afcde80c4cbf11f536e1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
338aa0236f8241e8f8dbb8f477360de385c3dfb8941e0a95e720b1114bd0cf40
34399bf105da7ab605ab63afc1694822adbc66d66457d59a0d31c2ddea07cb99
34db11d23b1b71496d67661f658d3f0e00bd9537b98c02c32f5b621f838be247
355dd28c5b9870937eb906c5166b5efa86572169a23d20dad056039a6491eec7
3622ea62d6f385ba04ff4428d5c8238fc0bd81982a1afddd17b2a141da760463
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
387de76bb44a10e83a33d3573c953bc8f8bb418da592bd5f19dfafbc1f872369
3a0fb2b43c3b4273b37b381dde95ff67fafffc136f9a4a36c48188c30989df47
3a259b6d2fe0671d6763c6ac5ba9119acaaad3b9de379719708f6df47ec8ef33
3b3dc086bc1f3a0f7fa0616b32e3ac33967c07d06803c9bd628c409dd4497e88
3cf45271e11710522e04f94fda7918d72a971faa7f548d34d0bffa77e932f658
3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96
3d65df0c2fc60fabbd9b67286a364327c72784f459b2f5fc288409d9a27a372a
3dccf55b20a4495631f4edc00c62c491e882a39cbed906ea262fd24b3dd17a5f
3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
4405f9185e0ed69e35080f3e6d9f906dc921fa15b668f195eb983890ed5882af
44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81
47db7e173d5403eed3079ea5fc6a270827f1b73eda40a273c18fe3a694e9d01b
480cc82812c36e795d6ad86fb4627351331396178e063c8ac711366c0cc40df0
492025f252d2b75327f81a5a3764335325a8850e5c7632fc640d42786c4d7a3e
49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6
4a648c5670b337c9daad2c9da8b7122bfdca3d71de4c266e7c9dd61c9af28da9
4a6f89aa01d37ad481b8629dd2680319ba0a3638d5741358eedc7a1ae85617f2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd98444e75e687006110aabf16507b71a7359c08e65a4e99eda552475e60198
4c4f4fe0fca418095787860851cbf34595be5083ab80bd37d58cd60e3024179e
4d42182e17c4442c45a80526d41f47cb9421205525555b039f4bf739075d4dc5
4d6404cad347efa7be24b23affb12c49752375fd2112c9e7cb7f0208815b3b75
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51edfbbe0edf65fd290fb55205705d115ce0e58668bf280b2c26d0e4abb80650
520b0b93ff1616d86b726e866e24ec9a7d93fd31bdefeaf50c23de030b8f3aa4
54d4b785e8d0ab77bc56c5afe8f33ac41b51bb4cf51a1399e6578250a9284205
55846fce19564c9ed6190bdd783d7636d881dde607db70cbfc8a55afeee9e12b
572860b1d1f698af168d1a125b7f563f4cfa0dbd6103cd7628d39c488d20bde2
57fcb5ebc2a58f019f505fe18bacc6c16ea38a01dc1ad7e8b073a8020203b619
586e46427d67825f4728232f3065c13151b04a6113cd9d09436c04cb921eccc5
58b09d5a19f4eb1a9ca3c0817f1643bda7a1240a40f9886e5817a75c8f0d36f3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d0768e04b47da32173cbd3401778193d5c2a61505ae06d717d8b19bb4535127
5d568b3b95ad1f1dbac3018305f0c498d9c50fcfc9702c879f2f9d3020565519
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f10a73d3fea45884bfecfefbf8fe337f91e04265aef10fec43a91ee977f3b1e
5fa8e72e0598365343040ddbd99c79f3462ba4f20a99922e4e47710297fdcf9f
5fc45aa9165866407a8bc0b6b55b150c9b340398ae56e0a74008fcb35a1812b5
5fcbf3619f707f94e935cf215c50eaeda1e1c9b9f6e9f6223cc99aa20cc33d7f
610f1153992ba9b6f3cab863a68d7a8d85dc429aa1a6003d160e461bae9a7bd7
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
628623030d17bc9a6117978e295b14d4a2ef730f8d3eaa61a44af9ea0d9f38e1
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
635dce808beb2af74700396f0b9f7c9e7994c8a83d357ede052be9420623459f
6363112b94e878f10cfa25a0fd5e4937fd15600b9cadd26b3bd5b0aaf4b19c15
64103448b57d0ccff0db5d2a5b9b57591f6907ab127a0fe3a57f2635a3a6fac6
64f2e67a1e120bcd4735ed1203d3e012b843ef3aa37516662280a57b4e7bac94
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65ea26cf6efe8765ecda2277fb0227b7f7b7d0396f1082c5316050ec05434b33
6657151bbf58ab69a4359161ac8f10d2179218c25c5f010ed214093cbe8096f2
686661ed8bd9d82086a84775ff7cde8675c339f77302076d8f0def1b38313b9d
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a5ececcb07ee4d2f3edaf096ad41bf3a6e29c76f9a0b3cc8916f3a82b8950df
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfa42c08e8cbbee33dd13fc90fc3ba38ff587028afec2c44e15641a40577108
6c18e92fb2fe9ee65556d3508c971c51023e2e5f51b70d3910046b9488049373
6c2d03a0466905c577e4c26486bff06cd05fdf35ba9b1fae2cd9c475af61e2f2
6d7aea0f6344b19d8fc9aa182d385315e1d9956bbf0e2bc8cf0a80b66f1689b4
6da9d256b7a0d5b69e9fddb56491463fecc0ae806c15a58f703cc00475c65c44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b6a41af7246aa18bf2e6e66e2349adbcaedd6b551ef0e11c80532f8a294658
74dcfa223cc2026109dc555fb51afbc6b0bba578b2a3eb41e8d6a0b1718bbbbe
7601a62ec36906013b1b8d78fd1fe9978b1beb523ee4165f62ebfdb1aee10dcc
762514fce5a6e5d69777edc3258bf2c3c6a4c03840a0f88f1fda40859d61ec39
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
7b0f8b2833fd5a3c48f2433a19d9a63c05be6f33564ba25100e7445ad6137f89
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7bd9217e97e5bdca98b4f057f7093a73995b2b970e3d2ad4dfdcea4a6b045b7c
7d4302d9a77ffe90d862721eb5749bc1b858d964f0a9aeac1ab6bf4cd07775d7
7dcecfc6cf63c0e31e72fe54479af650479d6eca86a46a70f79becb954f476e4
7e5bab297c52a21f0c9c28fbc3e1cc3ddb674c2502924fe77a980fd31fee8bd2
800b5e93616451d2bf1d5d1c21c827d92af53762800cbe2fc774ede2a48ea627
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261
83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87a26f15ce2cb48c61fd2c0f6363d6d8dc808b17e51c31d9f1d226e4566e5462
87e59d71ba67c1ff3bcd6ae9537316ac500a7b7fed0717e6e7dbc7889c09b307
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8d1eb22afbd92b53aecf660a0fc7f9233bd855f687e384f6a6daf9d74e7d95f8
8dabef7db0d834a2e8d32bb01c81af144b87e1fe8dbc286f89161ecc26fa07de
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
9084df56d5fcfee7de995cc7c9d80e0a4775d5183287af0a82d52de2d0d03a34
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
90dd4a23d14e1918989fe6c949dc2ae07193043a7d97dcbf55b97cff3a8026a4
90f07d0dda7845f34045de9690b4af23d7b1a1fb50c9df7bc414064a96fe8002
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9176471e37e3d6e7879397bed253b3b342ca5a63eea567e7a70b97a2168aa23c
92e508e0315c4e6845e02c97253ce3bfbb1a54b44371e4a280ed71958c77b173
93ab5c996638f389bca49f7a3fe2eadf1aeddbf865fe7e660930d0c5036a8c51
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
95e88b75b9150c889892b55c2c6b2de8bf182222e5ae610c8bc24732a6e3b8c5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8de3bfb9696c6fba00333584d72dd9f51a1f8ff81a7e85f78e1f4435a4fa6d
9c7a10535a4a880b00a50201697c31404dfc16ba68ef15fc3fbc93a9a6e7c6d1
9c7e4b3e448a6915399c0798dcf6acb7cdbd7d17edff89f418fd381239d7c235
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dc0f76fcd83f2afad287d93217bbf1f8b787c10d8ec6831693a14617fe25e08
9e4f6bb659e9fb69286b9f1de467e9755b65ef2cf599c648fbf0f07ab46cac94
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0242fe8467646c0395ec20d19a483047a2ccbb7a84af642a5f1f4c9c182d365
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2d621596d99182b3a71ddd49d416c030afd3f6d3ee4f2e148eb8ff623479b49
a36782e501fddba98682046fb2197d9bfd49afc0f934629d5503b57756d6cdb7
a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6ec9b4b5e390f2f78e5890323bcfab67b352d1f48cd357cf7d1ffcfd5d11465
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7bdb6fe2ca02fc669ba61b8e2c579e377c31762c87552325b3033b669754e45
a81e2baff09ea706a875cace591493330555e8c8c7aa3c703d63aa748cf12641
a978ce8655fb0bb4e23b140af5ebd15998f14efcbca8d7ab5db832e7083b74e2
a9e0c5d0659ac7cda02eb26d27b0d5c62cb9f426629ccfee28f6ecd8d306d096
aac95e1d716113321b2b71ceaeb2a5f2687da7644680edb0c8629a9955ea6e53
ab2819e31d09f6ba3b7ff59255ea9b7af5ab7e81292f76100ab90c522054e642
ad2b845724ee136d3f6503117eb5f21fe4864b7d1d9c33ad299584d7c8d3d7f5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b186558b1f3b3b41c545caf26571f74b55202733e8680aeb35d27d341c2cb6bb
b1e18b8bf2e860ed51dc54b018aed97602eb99d06a13752d4382f6a501cfba23
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b6517f7c43b6a2db4083f4add21d8999fdf29c2e9e8e81935c15d7298209c2d6
b76083e0786b35c2c153887bbcfee4354f1b53f06d50323e89768df065d977e7
ba8e3aeb3db1e78947771fb5fb7bfe36d92310dca77b2f3e218e0f5c25e37ca9
bab4a816f29f44db701f4b9a117c2010832880d0fc82052e563200fab585bc05
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc9cc091e3c90346e3b9a8425f3649e9247e5af33233265478da1b0955a4950e
bd14dbc2942bd971e7cdde22a48151c7dfb1b63b439673330ad783d26f68f2cf
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be3174de0973fdcb903878e97a527ab233143921e4aac848eac78ddd618d3d08
bfea431fd69ca69bd6341c531329f183e431a40e060cff6b9d9aca636d7792a2
c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7
c11b97691e12238100aef68230063f08280459d5e9ddc1b513872a013856f78e
c207bd82a7804c83a03365145221aa699e09a034b14e34a5ee4cd83b09101006
c338ba162b00c9ceee37891f8086a90c697d528dfb558e15a93346a931149df4
c3ca5cc3779b84d7f25481205ccbddd61d0ec1f0bd62002bccfb9b1a9bb4476d
c3f6386d656937d437f2ad4dd98a41e0d51571b1f83c0889c72f1327bc5cdb4e
c5e507cdd056c590258573b14fed0c8232ca65e2ebf4712cc19f30333295d3a4
c85f63301948a22597d1db3060cda8e4aab5ae1d8882962984f96945e6734400
c89b2dcd3de2cdc3fe4537d7ee394507310d27238f19cbf4ed459cf6b98ffc3d
ca9bea1bda0b219fd691a15df69bc33ee69739ed484dd80627027382ed225a66
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
cd61b9883ddff225d59dccca887691a0e8839d7338202a7076bc709d08aa0710
cdb374bacdbdf8f7460ecc0832c30c045e8ba40c2fc79698af6bd157827217ac
cdc8384ffbcaacfd087568b6b6d1b229594f0569b6e80e7a94a2c9d8a520b8a9
cf2251a19e25b9fef01ba8af99ce0787fb6fb33939d7e4db1bb7235b85894979
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ce0cd2462e3a8d8e1cac3a1d39ef9e53f8c6cbd70be1edcc25633c7dcf2a1d
d1d9ff35fbdc637b8841b9a9f128b9191fe30b88caeced38dde1bf6939aefa6a
d2c6d1475d2cafd4d38369143edc77f4fdb71aac89c681d613edff41fc333f3e
d4f37e74d2cd74adfe11d7d46d6b5329637d7355ecc0513f5a31554638517446
d53c8c4c6a873be61370d8106d79af437a87b2ef75a0273b8629fa68f0351853
d57718f4773ec36c8a09303b21530f5d203eb717a69ac38ace2da2f083c3409f
d5f5ed63f47328613966ee42c7c6bd826cfd6729b486971388faf87ef5dd30a2
d623c9f4f722149803a6bc17abefedbe47ac209b16ba75892bbea5fefad223e6
d6ce547a81bbc60cfcb4886914e7233bc79d8afbddbf5e6bd759034c59335064
d8400a808daf47a7374eb514a7f0dc9ec2c16e9e0a4a21bbb29acadadcbe51a3
d8bf28960aa7da7a49624bcc2e9e19d4f7dd227b0f68aef2b3c160ee0630f5f3
d992e77ed92a9128261fed97bac167232803c63fa87a20dcbd59ad1e5ee1debd
da36ee89c82b78710fb0f084702424291839bb7541d575088b3fb35e89166c98
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364
db7892bae41a6f255cbacb47c9023660b89409db55a1270260c52d6d140d6c62
dc01323987c050dd4e410f0cc5c845502df1eaa1198f40ba5ffe1a36fa5ae52e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df4463692c5e298ae03fa58f738d8518264061fc24921636eb82070a3578843e
e0b8902e5e101a6022450ff50d7b55f3b519c7ef17ee0fedd03e75201b37bea9
e1b09bec753e8e293c636fd282c7c1203d55ffeeace6060968121be017b8abf8
e1d9183dac3e1ddde897b5a1718d18f42b50c6ab8fe9deab8b29f04bd2cb2d8b
e346270399ccbf082d591f7eb7b985390d864423c82774b996c4a88a677c9bcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47ee048a6d1b828730eade4b5007f14d362ead17782121e4e0205c9d1d3880b
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e8d0cff182f00f9c5c17e079d81f4cf9287e80f7fe19991f9e4b419c02c948b8
e98b51db7776fb85fa382fa2f04efaf8902b61e79c644f4d91d0d7d2157d5fcc
ea80356462a79f1959d3c1dfd508ef003315438f55020515e0b496b60b37e058
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff9bf182da7d701d61ef4642523eebcb0ee3fd95e781d84c23fb46397773739
f13fb8b642dd6e35151ef48192b622ffe73bf9f59566fce331ad3a4ee662e2b5
f17d9b1e8d61406a806cca1b755b61eb7eb6bbb915d3b3ea433b004ca181e852
f357f652aa8597342be71cde83c1b9a8c0105042ca5b4552b940788185bbc9e8
f37574c64e736ab8bca86843f13ac85a2c66ffd2979e1e8518cc52bc423458f9
f42bd8439e54c505af3ef0fac4c75baeca7a9a83b49b31a4a4f28bde524598eb
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f6765dd6297c3c59194e9fe66b4e757c12477ac4e8543b521352ec195c2dec58
f76d84b1f8d9765b66eaca886948ddda114cb04173566fa6c7883c1c8c0508bc
f7e60ae0a744f11bec52f7896456cbaa940c4b1a028e4a0c125c69be09583efb
f876a55ce317507356f5f67d8a6ecc56523c3c3f09fa3c7a37623d395e6c7aae
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f9d0c58aecf59b691035578924aad5463650c864831b64244dd9e49064d23a31
fb4148faead14cbc48e637a2c15fca1553bde4adf05446d0466ce63402c46650
fba04bebaba1723f824589fce04970620255ade79b41d23f46850b8fa1ca5427
fe68999ebdc2cf1ca0dd4f1da397eaaf4a692da3901af417c83a4c34b3339dda
ff8f6e590bbc68aac49cf07c7812d8f85f4a4267a151c7ef40cdc03438aa7587

winkgo.com Open in urlscan Pro 2606:4700::6813:9b5c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

524 Requests

87 %HTTPS

28 %IPv6

55 Domains

90 Subdomains

69 IPs

7 Countries

3729 kBTransfer

8855 kBSize

27 Cookies

8 Outgoing links

Page URL History

Redirected requests

524 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winkgo.com Open in urlscan Pro
2606:4700::6813:9b5c Public Scan

Screenshot
Live screenshot

Full Image

524
Requests

87 %
HTTPS

28 %
IPv6

55
Domains

90
Subdomains

69
IPs

7
Countries

3729 kB
Transfer

8855 kB
Size

27
Cookies

524 HTTP transactions
8 data transactions