m.askfollow.us Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/sFgpaCUXF7
Effective URL:
https://m.askfollow.us/
Submission: On December 10 via manual (December 10th 2023, 6:39:56 pm UTC) from DE — Scanned from DE

Summary HTTP 197 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 19 domains to perform 197 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.askfollow.us.
TLS certificate: Issued by E1 on November 19th 2023. Valid for: 3 months.

This is the only time m.askfollow.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 2	2a03:2880:f27... 2a03:2880:f277:c0:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
2	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.104.29.90 172.104.29.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6 24	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3 46	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
12	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	5.9.137.180 5.9.137.180	24940 (HETZNER-AS) (HETZNER-AS)
13	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
2	95.217.106.24 95.217.106.24	24940 (HETZNER-AS) (HETZNER-AS)
197	27

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f277:c0:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

l.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
business.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

mucerentacar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.askfollow.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.29.90 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1848-90.members.linode.com

service.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.9.137.180 (Gelsenkirchen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.180.137.9.5.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.6 (Brigham City, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.106.24 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.106.217.95.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	googlesyndication.com 3 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	951 KB
31	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	323 KB
30	gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	519 KB
17	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	757 KB
16	google.com 3 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	70 KB
12	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	511 KB
7	askfollow.us 1 redirects m.askfollow.us	27 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	6 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	amung.us widgets.amung.us — Cisco Umbrella Rank: 33548 whos.amung.us — Cisco Umbrella Rank: 17707	7 KB
2	supercounters.com widget.supercounters.com — Cisco Umbrella Rank: 115875 service.supercounters.com — Cisco Umbrella Rank: 122287	1 KB
2	mucerentacar.com 2 redirects mucerentacar.com	1 KB
2	instagram.com 1 redirects l.instagram.com — Cisco Umbrella Rank: 8412 business.instagram.com — Cisco Umbrella Rank: 557863	4 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1273	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
1	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	2 KB
1	t.co t.co — Cisco Umbrella Rank: 589	1 KB
197	19

	Domain	Requested by
46	tpc.googlesyndication.com	3 redirects googleads.g.doubleclick.net t.co m.askfollow.us tpc.googlesyndication.com pagead2.googlesyndication.com
30	pagead2.googlesyndication.com	m.askfollow.us pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com t.co www.googletagservices.com tpc.googlesyndication.com
24	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net t.co
13	cdn.revjet.com	ads.revjet.com srcdoc
13	www.gstatic.com	googleads.g.doubleclick.net
12	www.googleadservices.com	m.askfollow.us
12	fundingchoicesmessages.google.com	m.askfollow.us
8	www.googletagservices.com	googleads.g.doubleclick.net t.co
7	m.askfollow.us	1 redirects l.instagram.com m.askfollow.us
6	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net m.askfollow.us
6	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net m.askfollow.us
6	fonts.googleapis.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net srcdoc
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	pix.revjet.com	srcdoc googleads.g.doubleclick.net
2	ads.revjet.com	googleads.g.doubleclick.net ads.revjet.com
2	mucerentacar.com	2 redirects
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	whos.amung.us	widgets.amung.us
1	service.supercounters.com	widget.supercounters.com
1	widgets.amung.us	m.askfollow.us
1	pbs.twimg.com	m.askfollow.us
1	widget.supercounters.com	m.askfollow.us
1	code.jquery.com	m.askfollow.us
1	www.facebook.com	1 redirects
1	business.instagram.com	1 redirects
1	l.instagram.com	t.co
1	t.co
197	32

This site contains links to these domains. Also see Links.

Domain
www.supercounters.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
askfollow.us E1	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
supercounters.com GTS CA 1P5	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
*.supercounters.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-21` - `2024-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://m.askfollow.us/
Frame ID: 1AF0CBE23BA5ADD95CAD97555FEC7DF1
Requests: 32 HTTP requests in this frame

Frame: https://m.askfollow.us/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: C8FB1F7FFFA19B485B5D4537B37E8036
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 82EB279010BB11C3CFD498A4C00B2354
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&adk=293675617&adf=814277786&lmt=1702233591&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591532&bpp=3&bdt=273&idt=296&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=736204388504&frm=20&pv=2&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=307
Frame ID: 4A3150774B01B360454209356A2999A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=3932954383&adk=2892710006&adf=528667521&pi=t.ma~as.3932954383&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591535&bpp=1&bdt=275&idt=309&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=311
Frame ID: 7D84D2D263B987AE64782DC01769D6DF
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=1573588191&adk=3887882459&adf=3083462764&pi=t.ma~as.1573588191&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591536&bpp=1&bdt=276&idt=313&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=315
Frame ID: 418238EA8F2E224FD4EA59995DFFBF0E
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=7105912634&adk=1462908434&adf=3543289036&pi=t.ma~as.7105912634&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591536&bpp=1&bdt=276&idt=316&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=317
Frame ID: 652C25820101065A77000D7ABEDD2447
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=200&slotname=2712106593&adk=2474530452&adf=667525225&pi=t.ma~as.2712106593&w=980&fwrn=4&lmt=1702233591&rafmt=11&format=980x200&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591537&bpp=1&bdt=277&idt=317&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280%2C980x280%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=318
Frame ID: 98C7A5560B5403AECD94767B9525A5DE
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 147A12971D70CCC4F3EEA00067BE8FF0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: BADDA8B9E8D78BE72533EBEB1426BC21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F4A94B111D9D13225D4FBC3327344337
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: B1C8BF347B7599B9E36738173C24E0DE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 4A2B6F22FDD2F5E4FDBD11ACE2BF0253
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6E753F8260D3ABE46DF1447A68B32284
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 442199C7A664E4E01B9EC39A817BB8A9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 40FD8F674D46BCCE0F72F6252101D24D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AAB2D7DF3C1981209451B577659D5D18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 33550CCCDFEA1F79E08965C631E0030C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNX4i6YP5ifNzirVeOhGDW7eAeLS0qKu3wHLX41Vc6IZDKnmuD6KIS8iOEKx-uCysiQ1GcUcDAquqeXOkcA9AEhwBMVNaXrjcF96riOWLZgJxxOYUJVlUG7DJKmVPx-fD4cL125mITbN7lbGPRArDba10iS0mRF0fjUi1Ra_OCJ70MyP36M
Frame ID: 74D219D9C6AF5AF6DF23D80C068F858F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6241DCC5F255A980E8FB758B29B365E4
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4E98E1B6C049C35D3DA639E0EDF757DD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A24CA2BAE7460EE1B924E9175B795FF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 71C82E38708A3D7094EE82C275411187
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: B9C664A02AFEF1066CA86E38B6FD9E8B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 7F9FF36086DFFEC4BC82D11718F74589
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C44D330814B72D5FA9BD895FB3809896
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: 5480EF664AB566C0AA2AFD461677BB3E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 99A436B222370B12E1A7E498BBCE1381
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ABAF82061DF4ED51055BEF9303E13F8A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F6581B8514107C58769E9FBC4EE7700
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Who is viewing your Twitter | X profile ?

Page URL History Show full URLs

https://t.co/sFgpaCUXF7 Page URL
http://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV... HTTP 307
https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV... Page URL
https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.face... HTTP 302
https://www.facebook.com/ads/ig_redirect/?d=Ad-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi... HTTP 302
http://mucerentacar.com/hostbul.php?ref=FBSON HTTP 301
https://mucerentacar.com/hostbul.php?ref=FBSON HTTP 302
https://m.askfollow.us/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

197
Requests

92 %
HTTPS

64 %
IPv6

19
Domains

32
Subdomains

27
IPs

3
Countries

3207 kB
Transfer

7184 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.supercounters.com/stats/1680011
Title: 348 Stalker user

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/sFgpaCUXF7 Page URL
http://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1 HTTP 307
https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1 Page URL
https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.facebook.com%2Fads%2Fig_redirect%2F%3Fd%3DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%26a%3D1%26hash%3DAd_RZsHp2yTIG9NW%23542504107%7Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%7Czero_dot1 HTTP 302
https://www.facebook.com/ads/ig_redirect/?d=Ad-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2&a=1&hash=Ad_RZsHp2yTIG9NW HTTP 302
http://mucerentacar.com/hostbul.php?ref=FBSON HTTP 301
https://mucerentacar.com/hostbul.php?ref=FBSON HTTP 302
https://m.askfollow.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1 HTTP 307
https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1

Request Chain 12

https://m.askfollow.us/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://m.askfollow.us/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 36

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr25ig3AEQ2AQYlgEyCI1gGRvCtpy8 HTTP 301
https://tpc.googlesyndication.com/simgad/2028896861534754722

Request Chain 69

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHt6O-vwEQgAQYgAEyCElUjVZNA8C0 HTTP 301
https://tpc.googlesyndication.com/simgad/7681743886941019795

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CYuCY-AV2ZaT9AtOWvcAPqK-ZYNb5lNJzr6GupK4SZBABIIr5_yhglYKAgJgHoAGb3-jpAsgBCagDAcgDywSqBNQBT9ChFM4nRRv3rzwCRtqq6FPTUdvMRYV6nB0VaqS1ir4KUgh4UwqQYJiy7W_xdJ3UPv4Px76PddlNmXAcCLDMaRasHI5fvC1o_LMWV4JHJ0W2Xw1f_9ifYczGhO4OYJQSRtcOdQCHy2wKZD1MT3k_kjtM0ujaLK3lxhd0BWmvoDtjE7mS-ecc7QKIedbeGHuY2WUBbujvESR2NWgX0icsgVShiXdO7UeaDxnePkcUX8WjNYweJgwTvvOhGudy7TFICD0I9iaxOstWlpvl-zB5jN5llZbABLPd1e_NBIgFu_PuokySBQQIBBgBkgUECAUYBKAGLoAHt8eglQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCghwXSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOPHx6TChYMDmgmxAWh0dHBzOi8vd3d3Lndpc2VyYW5rZXIuY29tL2xhcHRvcHMvP3V0bV9jYW1wYWlnbj1NRi1TZWFyY2gtR0dhZHMtRGlzcGxheS00MDA5JnV0bV9zb3VyY2U9bS5hc2tmb2xsb3cudXMmY2xpY2tpZD17Z2NsaWR9JiZ1dG1fbWVkaXVtPW0uYXNrZm9sbG93LnVzJnJhYz1sYXB0b3BzJmNoYW5uZWw9ODUyNzA1OTA2OIAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMMiBQC0BUBgBcBshccChoIABIUcHViLTMzNDQxMTMxMzIxMDY3ODgYAA&sigh=KBQ7uG2Hevs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNZVDgw7VGQdHvoaTAmfs5Xw8RGLraO4KYVzVB14oBHCt5MKFVRBSjTxBLELxEPM0CU2onfZL0Pl9HW9gjyZot3edutvIumrRocUsYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210758040207668493128%22,%22debug_reporting%22:true,%22destination%22:%22https://wiseranker.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22758787995%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218110120416285790689%22}&andc=true

Request Chain 84

https://googleads.g.doubleclick.net/pagead/adview?ai=C55Lg-AV2Zb2RA-iOvcAPlPWciAS6_pDcdPOAue2uEtzo3P-pQRABIIr5_yhglYKAgJgHoAHor-yIA8gBCakCYi2If_cOsj6oAwHIA8sEqgTIAU_Q3YZ-qkT7VsMWKDFnkY65tIovJICEFpHaqZVttidwr9FwVHedlkVNHBWZmrmvpYvRzIeXBBqMF5W_PJaDK1QA3L-mgGOVl2Hel8yO4ZGwdclWW_3m-Yceu00rxYtOd-j3xdZTagbPiZZngaoUOM-pDnKNSTvWvVUbtQr3lZrGWFKbs7zmlPhzha1pr6xIuAMf6Pcm4u_EufRIDfouUclA9vvg5ly2VK9xn57kq0xL5ryM5ueenXwHHbrFlju2DsKGMgqIMQkcwATKzveLxgSIBd3ls55NkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQmcEF0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljxysekwoWDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMzM0NDExMzEzMjEwNjc4OBgA&sigh=vbtK9pNj4Uc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNFUzxjqqiiHphRcJI3lypY6W2dIGFQCEniUd_ygdluVqcXUEvzG13v4tc0fkOeJxcGK1TZ9Y_mDiVmOm78eXyyvCv_Wgr8EDVKBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210318047586084539864%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223356162465395853665%22}&andc=true

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://googleads.g.doubleclick.net/pagead/adview?ai=CWQiZ-AV2ZbznAsPAvcAPxaip0ALzmf-LdOfn0drmEcHfr7_0PhABIIr5_yhglYKAgJgHoAGWqYH_AsgBCakCYi2If_cOsj6oAwHIA8sEqgTMAU_QqfBYD6xQApZ_2klM72UFIuONpwkrkADqfQLaBkLHtSbWfO55ro_qB2jUyhrWU25C2LlDZCE6bdskIESxCzrk_ttcvUBXuXFid8Zkv7fPA0wWc6xy53YsxfOIMgX6qDnrTRdHDv56NBLFvP2fxYo2uFNILP43ghSPqom2umAJrxGXhvaH5wUO2qbiMl-gXAtuusv194mtlT43sy4NQ6U4yDZUpYyQ1FLflpr-sD6M7wjNW8V85HnWdiOgR8bN8aYLHVS2Cd8si3au18AEw8GIy7YEiAXzuM3wS5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeQqup_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEKaPCtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYw7DHpMKFgwOaCR5odHRwczovL3d3dy5zdG9mZmUtaGVtbWVycy5kZS-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItMzM0NDExMzEzMjEwNjc4OBgAshgDIgEA&sigh=nK0js9-itJ4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN2P4G_UwyUzYZe8raams3UxDevbT90IWkHoQ27lJKzOdlYcNcmn-9uu6WPDbzX8AHjTXotVYlF-aTZJIBzmDsBqmP_OFbD3eCMtMYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217600509748517475599%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22803230870%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222877851665654133057%22}&andc=true

Request Chain 106

https://googleads.g.doubleclick.net/pagead/adview?ai=CG0fU-AV2ZZ6aAuadvcAP156ViAm_vOTTdPHe1OOfEp6859OEDxABIIr5_yhglYKAgJgHoAGEnYP7KcgBAakCYi2If_cOsj6oAwHIA8sEqgTRAU_QGpjCW9GbPvV6d95tRgdo7JQJi_c84MdHgaEcePJZVY53LA7EL_Z980Dgo2h_1ockRdpNboI3kN5ai3wLruxgzmQDSkVejioxzYe_NybKzPhSXeIATfX6vRw4XrBnHZWWBYKz4k-oMbqbEe4hDRkrm0KmTq80Hk_pMfpAoh9U_dcCLrBNXqeNGf8rNO4XHf7OzULComY1wSo8Uvh5Bu-nB6_EW6kvIWwB7H7kcxI0Ca5G3gKyxCkKkv6_tNgbzYW8UZjUweIgkLbY3puxZolcwASd3pGjwgSIBa7W3J5NkgUECAQYAZIFBAgFGASAB4TV09oEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQwMsZ0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliAhcekwoWDA5oJF2h0dHBzOi8vc2hvZmFzdC5jb20vZHNygAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zMzQ0MTEzMTMyMTA2Nzg4GAA&sigh=Sw3rZFjSGhI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNgDagrTeVyNKmHZuWDYuDEmuBPm6nIleCJCGLSCp4mMPLBLNI3gZUMvFLwOjaxzoB7M9sKOaUjeiQadIGvzH1FyyT8fFZEdKWkyUYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228771306847799416662%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211263856260%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216292735399459706961%22}&andc=true

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1

Request Chain 150

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYF.VhHLG0Tbbp47CWtYAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1&google_hm=2

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH7hy15azhyCslk8jGUKIHQ&google_cver=1

Request Chain 152

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5NDk5OTIwMTk3MTE0MjUw

Request Chain 156

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHt6O-vwEQgAQYgAEyCElUjVZNA8C0 HTTP 301
https://tpc.googlesyndication.com/simgad/7681743886941019795

Request Chain 162

https://googleads.g.doubleclick.net/pagead/adview?ai=CbDtq-AV2ZcvqA8ydvcAP_6yA2ALzmf-LdOfn0drmEcHfr7_0PhABIIr5_yhglYKAgJgHoAGWqYH_AsgBCakCYi2If_cOsj6oAwHIA8sEqgTGAU_QsAvgwdW3GTV_BK4H4gIzbKmDV6wCVhoac5L1kBz3F0Jxk1dDBQ3hzpfXhC91IEZSc9YpCHEfxC1sMxNRpiwCePau5KQctaKn2rM5ocvvL-TvdEdMhCvh6mbARInfG8tLC4qdIwel10fCdc6L9VpA9U6p_hJ1yZWgLm4Wg1LAMoFFF9eFrh6A_3Q6yNcVT3V4BlGoB_NFDzgTnOwcAlSjHTxW7eAoQRafKsLHVPd9qowg-B0bZqWrpnHkx9NDxpsb_JSnHMAEw8GIy7YEiAXzuM3wS5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeQqup_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEENuKDdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9f_GpMKFgwOaCR5odHRwczovL3d3dy5zdG9mZmUtaGVtbWVycy5kZS-ACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtgTC9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMzQ0MTEzMTMyMTA2Nzg4GAA&sigh=TX7L5QMHDuk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228991591169304762328%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22803230870%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222010457642818220385%22}&andc=true

Request Chain 165

https://googleads.g.doubleclick.net/pagead/adview?ai=CAi5z-AV2ZczqA8ydvcAP_6yA2ALKq6HbdM7vo8-oEqq4i5btDhABIIr5_yhglYKAgJgHoAHSn6LmKMgBA6kC6WKMwqs3XT6oAwHIA8kEqgTIAU_QSCM7mCbKY8c2LCqzh1auQDgX3Jkh0oMfEZUz9qkWiILE-9YWrdsqQef_Uau4iRImUeaCNhM4Qqi8243qwfMJ8Cd3Oq4c7pPYB8YKaVcPWok655WwBJx36xyzgTfiIjNuF4EauF4IynYVsgsEc-T3MEHovLEn_H4LfuZl2WL-ATRqyid02GELwTSECUbJWoNwYFmRh8VWSHyW5L3S9I9DFyvfkyA_tPCXD30Yku4y50TtEmoJeM6oQgisZj8IdiutA23S3CzQwATEpM6ayQSIBYfduMxNoAYDgAfS1_LFA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKXXCtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9f_GpMKFgwOaCSFodHRwczovL3NwZWVjaC1tb25pdG9yLnVpLm9yZy51YS-ACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAtgTA9AVAYAXAbIXHAoaCAASFHB1Yi0zMzQ0MTEzMTMyMTA2Nzg4GAA&sigh=sIT5SWdv6i8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212587552417005299604%22,%22debug_reporting%22:true,%22destination%22:%22https://ui.org.ua%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210951888850%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229351510619329335665%22}&andc=true

Request Chain 190

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702233594870 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CMy9g6bChYMDFbX2EQgd7FcKrQ;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702233594870

197 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 sFgpaCUXF7
t.co/ 2 KB
1 KB 2758ms
2670ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/sFgpaCUXF7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 743
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Sun, 10 Dec 2023 18:39:47 GMT
expires: Sun, 10 Dec 2023 18:44:47 GMT
perf: 7626143928
referrer-policy: unsafe-url
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 37b85dfeb93e169ea2feb926abf03820fe72edcb480d651e206cc7cf957d5bc6
x-response-time: 2631
x-transaction-id: 6e37194ec1690c84
x-xss-protection: 0

GET
H2

200

/
l.instagram.com/
Redirect Chain

http://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fm...
https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2F...

774 B
3 KB

361ms
254ms

Document
text/html

2a03:2880:f277:c0:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:c0:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src .facebook.com .fbcdn.net .instagram.com data: blob:;script-src .facebook.com .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' .fbcdn.net .facebook.com .instagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: blob: .instagram.com .cdninstagram.com wss://.instagram.com: 'self';font-src .facebook.com data: .fbcdn.net .instagram.com;img-src .instagram.com .facebook.com .fbcdn.net data: blob: .cdninstagram.com .fbsbx.com android-webview-video-poster: .oculuscdn.com;media-src .facebook.com .fbcdn.net .instagram.com .cdninstagram.com cdn.fbsbx.com data: blob:;frame-src .instagram.com .facebook.com .fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://t.co/sFgpaCUXF7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self';font-src *.facebook.com data: *.fbcdn.net *.instagram.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self';font-src *.facebook.com data: *.fbcdn.net *.instagram.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.oculuscdn.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;worker-src *.instagram.com/static_resources/webworker_v1/init_script/ *.instagram.com/static_resources/webworker/init_script/ *.instagram.com/static_resources/sharedworker/init_script/ *.instagram.com/www-service-worker.js;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:48 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
referrer-policy: origin
refresh: 1;URL=https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.facebook.com%2Fads%2Fig_redirect%2F%3Fd%3DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%26a%3D1%26hash%3DAd_RZsHp2yTIG9NW%23542504107%7Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%7Czero_dot1
reporting-endpoints
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 8u77Riba2wMVjuI+qOO34eLW+JbaZidMJJT9ZcwkdS2fo4ht76exQG7SSa7GaQ4SMuVUxzJGBnxK9dZ/5Zth3w==
x-frame-options: DENY
x-robots-tag: noindex, nofollow
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1
Non-Authoritative-Reason: HSTS

GET
H2

200

Primary Request / Show response
m.askfollow.us/
Redirect Chain

https://business.instagram.com/micro_site/url/?event_type=click&site=igb&destination=https%3A%2F%2Fwww.facebook.com%2Fads%2Fig_redirect%2F%3Fd%3DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF...
https://www.facebook.com/ads/ig_redirect/?d=Ad-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7...
http://mucerentacar.com/hostbul.php?ref=FBSON
https://mucerentacar.com/hostbul.php?ref=FBSON
https://m.askfollow.us/

12 KB
4 KB

425ms
327ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.askfollow.us/
Requested by: Host: l.instagram.com
URL: https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fe9b76c7c0779922ddb8d232d6d774ac0b343a4ef7c159e75ff687a95dbaf2

Request headers

Referer: https://l.instagram.com/?zero_dot1=542504107d8fdb7e0a33203b231e37609ebf82840&e=ATPbIWxiahwmglcKERBhV5lWvXgh6_zYmqC8oeKEUsZPh_6BOqcwNE_Tbr4T9iCBB3gmn91w&s=1&u=https%3A%2F%2Fbusiness.instagram.com%2Fmicro_site%2Furl%2F%3Fevent_type%3Dclick%26site%3Digb%26destination%3Dhttps%253A%252F%252Fwww.facebook.com%252Fads%252Fig_redirect%252F%253Fd%253DAd-JVM6myvCi-6_oJ_jpymHxv_BNnSP5BtYChIFeVjRkjOj-EiBF91kZi1YkNEYDhlUKLubGwRmKUknBZOJGVv4Dhm-J4WrLrxzXRcD0kQIl33LE11a33sR8QhoUOlNBLjNZ77oPuDsZhrzHFbi-MaFd7pbB0tP-u1rWpKFXM29r-tUf8oNX0n__G_IoLb26S_4ftV-YvmBKAY8jOUk8tlQ2%2526a%253D1%2526hash%253DAd_RZsHp2yTIG9NW%2523542504107%257Chttps://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg%257Czero_dot1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83379ce7f9ba0410-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igNDFHBgOqjXWWf4YP7vvFNFbSNRUvCQ5IvV3VDLEWUBxFgMxxN8PQY%2FGew05W%2Fj46x%2FOiztR1E2o7pW6eafNkaagdyf8ABcgAcSxa0RabU%2Fd4GlP66eCP561l11d25mxXcy6MJfukptgKV5rA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83379ce24ca56039-SIN
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:50 GMT
location: https://m.askfollow.us/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FyMUEPnd7%2F%2F1zut8jRMK4jXWCfyG%2Be14CAQReLZhEvqbVWfdSepZHoTu5mBRdYPGqkvWZRWUJU9%2BWnvQt4856tua67tqzoD4EenfmAelvK4mxICyQRdxS%2Bt80Y%2B1rsyyp1pETxGx3jZ5I74QF99"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 main.css
m.askfollow.us/ 27 KB
7 KB 50ms
50ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.askfollow.us/main.css
Requested by: Host: m.askfollow.us
URL: https://m.askfollow.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4102565d25161434c0733fc9fc55378fea4e0f09edd3fcf74fb44724db5018c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5778
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 12:16:12 GMT
server: cloudflare
etag: W/"6a26-655c9f8c-669ee;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDUk7w9YZEMp%2F2aXl%2Bfn%2Faokv7Fs0akZKthCcMHN1EOkwzVCBP5VQQxmmCn7yojolvsitSnP%2FzebEJqp5fbUwq5A3vGkR%2B0x0e7Q15bWqkUM4ef0j%2BGLOreUNOmDh1Odk5SLJecJDOsxgIVeRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83379ce98c580410-FRA
expires: Tue, 28 Nov 2023 19:04:10 GMT

GET
H2 200 pub-3344113132106788 Show response
fundingchoicesmessages.google.com/i/ 180 KB
60 KB 168ms
69ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-3344113132106788?ers=1

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adf4486ca8606be330a95ae94a4158b28ed667983745d34c3a93cfa389a37e53

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-d_G3BfyYok6Q_xLbzREZiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-d_G3BfyYok6Q_xLbzREZiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 twitter_logo.png
m.askfollow.us/images/ 7 KB
8 KB 49ms
49ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.askfollow.us/images/twitter_logo.png
Requested by: Host: m.askfollow.us
URL: https://m.askfollow.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53791cd5d4a8ff3b07d935cfc7a018393c14b76a7823eb788846574b8ec6da44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78
alt-svc: h3=":443"; ma=86400
content-length: 7636
last-modified: Tue, 21 Nov 2023 12:16:15 GMT
server: cloudflare
etag: "1dd4-655c9f8f-e1581;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kvhgno2p5jyfMk2108VhpKUIyk0VWUyGVdI61lQclDnjmfZqLK8AWL%2BH%2BYjvb9TRM8mSBZtk%2B0VcC0kMMMVvdxt4oxVjPyAGPHCa7dLlbXQNxiSGeRYsRn%2BsQt7dGoKfB16riXD9POLM5j6mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83379ce99c820410-FRA
expires: Fri, 08 Dec 2023 04:36:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 174ms
89ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3344113132106788

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a98a3c354c1c8a39bd6d6b333605d042b89e75952b9253c839dfec499ee58c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Origin: https://m.askfollow.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51764
x-xss-protection: 0
server: cafe
etag: 17391036789181448464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:51 GMT

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 181ms
57ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: m.askfollow.us
URL: https://m.askfollow.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7432926
x-cache: HIT, HIT
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-sof1510033-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702233591.413223,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 16, 68783

GET
H2 200 online_t.js Show response
widget.supercounters.com/ssl/ 2 KB
1 KB 142ms
50ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/online_t.js
Requested by: Host: m.askfollow.us
URL: https://m.askfollow.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56b0bd9e5cd22334b47cc1d10e2cf1ae6a2fd95c16ed5534e925f6dfae331ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:50:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4820
etag: W/"6220ab96-6b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcbdJ4DyxYO6jPdoC4mG3yDLscMEp5KjowpH%2FK8nJ7JjOPRicHrT2IAQpxgg0hzJJGSJl%2FtIdN27zCJS%2BldW9lwCXgK2kg%2F7QwEMbdZHn5R2CrHKJcSEubCb1wfEM4qQw3uelQLIJM%2BjRkHlW%2FW2rTE99%2Fmc8Aw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 83379cea1b3a39ee-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 noise.png
m.askfollow.us/images/ 3 KB
3 KB 53ms
53ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.askfollow.us/images/noise.png
Requested by: Host: m.askfollow.us
URL: https://m.askfollow.us/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe0b8f812276b5f3be01b344e8215731b84d04379b23a6000c962d771dd10e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2649
alt-svc: h3=":443"; ma=86400
content-length: 3037
last-modified: Tue, 21 Nov 2023 12:16:14 GMT
server: cloudflare
etag: "bdd-655c9f8e-e157f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmpCqjPmx7PnvHxKVVTm4l6hsPYRxA%2BZMllhfqS%2FvSSLXmxF2FviHoHpPfdTrny4H9RmilrrBKijf2Ys2vsnpZjdqhtHLTA55TS0tEEkCFDcB%2FTu0MSA65%2BByddSOBsTUM3CnCidK4UkJ%2F0gAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83379ce9ecef0410-FRA
expires: Tue, 05 Dec 2023 06:04:33 GMT

GET
H2 200 wxAy5CYs_normal.jpg
pbs.twimg.com/profile_images/1389502830818603010/ 2 KB
3 KB 178ms
43ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1389502830818603010/wxAy5CYs_normal.jpg

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) /

Resource Hash

e38e4e29965d8a1cde1d70518a8ea6baeb1a01c59a8d6722c9ddafe7c27eb439

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 595625
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2187
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/4 profile_images/1389502830818603010
last-modified: Tue, 04 May 2021 08:49:05 GMT
server: ECS (frb/67AA)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 40a4587f3b337057
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 2473521a46da1a56d8bdc3cec5a6f9423a0fbe677a1aee91379e9a22bf68463e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 classic.js Show response
widgets.amung.us/ 13 KB
7 KB 144ms
51ms Script
application/x-javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/classic.js
Requested by: Host: m.askfollow.us
URL: https://m.askfollow.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
server: cloudflare
age: 3263
etag: W/"63c04115-32c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 83379ceb683e2bf8-FRA
expires: Mon, 11 Dec 2023 17:45:28 GMT

GET
H/1.1 200
OK fc.php Show response
service.supercounters.com/ 72 B
321 B 365ms
113ms Script
application/x-javascript 172.104.29.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://service.supercounters.com/fc.php?id=1680011&w=1&v=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ref=https%3A%2F%2Fl.instagram.com%2F&sw=1600&sh=1200&rand=10&label=Stalker%20user&fcolor=170ddb
Requested by: Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: dfea49dde820cdc1a2846fe3ee0e248e98b3cc1300cc17cae2e2cb19a4d42b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sun, 10 Dec 2023 18:39:51 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H2

200

main.js Show response
m.askfollow.us/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame C8FB
Redirect Chain

https://m.askfollow.us/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://m.askfollow.us/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

365ms
365ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.askfollow.us/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4fb1cfd1c0bcbe87986cac48593a31cb790e5d6ac314abe6ec9da57a4bae49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HazZY5R5optpztsxWyY576QhMdwLrgQtZI9HzZYGhJheZvdfw4d1sgje2Jpu7jrSt1BZPc8IAMvraKwOldQ4AGBLBxVfoNKQP2OEQgNZx60z%2FAQLABwfb%2Bv0oDH8%2FUMc0x4cSXsaWay%2BVVOtVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83379ced5a640410-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 10 Dec 2023 18:39:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gh8OUJjPVbIidf%2FVfi9vGX%2BxS86fNfu2aMMOln%2BKFkR30YwOCSy4MjCUTgPs0k6%2Fp7zUXMhB8JnyX7MKwXu42WC%2FiVL80psGMg1NVHiIusGUbl7nLLuGX6HXe%2FXhXO3Q6y0qr5n6N%2BuxZXcEzA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control: max-age=300, public
cf-ray: 83379ceaee9d0410-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 AGSKWxXwG9uVngfx_kZoLrl-DcXfCsQ7bihY1AQ5hzS4h-vHz5UeEHKWYFzl5q2J3zAAGZUNzPh_PlfXWbBrUS3SSJmsyK7x8kDv2LBfRityZuXpn1LoEn32eAyBnaLYzmnSDzN_wiBuNg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 86ms
86ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXwG9uVngfx_kZoLrl-DcXfCsQ7bihY1AQ5hzS4h-vHz5UeEHKWYFzl5q2J3zAAGZUNzPh_PlfXWbBrUS3SSJmsyK7x8kDv2LBfRityZuXpn1LoEn32eAyBnaLYzmnSDzN_wiBuNg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMjMzNTkxLDUxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tLmFza2ZvbGxvdy51cy8iLG51bGwsW1s4LCJRN3FrOGFXLUtrayJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q7qk8aW-Kkk.es5.O/am=AAM/d=1/rs=AJlcJMwzFn9d2tzZT4lj_7GZr7dk9SjT5A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b000548258d8730c574b3a06ee538165dfdff6ebf86e8ffa2461ecf491c86e50

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_6hgaTgY5WFr7ug4NlZJhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-_6hgaTgY5WFr7ug4NlZJhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 195ms
114ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3344113132106788&plah=m.askfollow.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3344113132106788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9980286ce7a6ddbde5afe0542821ea2a13cba94e6d6b971cccd7781985befee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137722
x-xss-protection: 0
server: cafe
etag: 8978642477116417946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:51 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 82EB 9 KB
4 KB 211ms
39ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3344113132106788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:28:10 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 19:28:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
whos.amung.us/pingjs/ 26 B
127 B 166ms
155ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=stalk2&t=Who%20is%20viewing%20your%20Twitter%20%7C%20X%20profile%20%3F&c=c&x=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&y=https%3A%2F%2Fl.instagram.com%2F&a=0&d=3.031&v=27&r=1431
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7ae87d4a33c982b6927577988bc2a6b5df9b802701a22fb21ed5f1ed20e097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:51 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83379cebd8c92bf8-FRA
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A31 531 KB
108 KB 1536ms
1536ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&adk=293675617&adf=814277786&lmt=1702233591&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591532&bpp=3&bdt=273&idt=296&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=736204388504&frm=20&pv=2&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=307

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3344113132106788&plah=m.askfollow.us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98f82d5a4225f1a8089a2b0ca58923cfe01aee31a333cdb7144bdf663eeb3e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 109842
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
expires: Sun, 10 Dec 2023 18:39:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cvh%20BlockClicksActivityBusy&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D84 128 KB
42 KB 1178ms
1177ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=3932954383&adk=2892710006&adf=528667521&pi=t.ma~as.3932954383&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591535&bpp=1&bdt=275&idt=309&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=311

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab9373091a5d964e3b667b52011e9c8c4c4891f1c3a746d214bc7d7683610df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42958
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:52 GMT
expires: Sun, 10 Dec 2023 18:39:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4182 142 KB
44 KB 985ms
985ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=1573588191&adk=3887882459&adf=3083462764&pi=t.ma~as.1573588191&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591536&bpp=1&bdt=276&idt=313&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42ca00c5a7770f4b51dba088cf0e055fd9f3d83d1c4fab9e7380cb96f580d42e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44976
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:52 GMT
expires: Sun, 10 Dec 2023 18:39:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 652C 131 KB
42 KB 902ms
901ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=7105912634&adk=1462908434&adf=3543289036&pi=t.ma~as.7105912634&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591536&bpp=1&bdt=276&idt=316&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

104fcf16b63a4b117e1504b6f735fd8cdb9ee07147e3b96ac8bffee634660069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43011
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:52 GMT
expires: Sun, 10 Dec 2023 18:39:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98C7 150 KB
44 KB 827ms
826ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=200&slotname=2712106593&adk=2474530452&adf=667525225&pi=t.ma~as.2712106593&w=980&fwrn=4&lmt=1702233591&rafmt=11&format=980x200&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591537&bpp=1&bdt=277&idt=317&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280%2C980x280%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=318

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55ec14db5dd164b3fc8c5e486df7e833a2ca18dd22230978b80f6231a3c4e8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44712
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:52 GMT
expires: Sun, 10 Dec 2023 18:39:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 83379ce7f9ba0410 Show response
m.askfollow.us/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C8FB 0
589 B 214ms
203ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.askfollow.us/cdn-cgi/challenge-platform/h/b/jsd/r/83379ce7f9ba0410
Requested by: Host: m.askfollow.us
URL: https://m.askfollow.us/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 10 Dec 2023 18:39:52 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9twWUHetnAYOrHJVaCNXeRix0cycL0FvybNr62406m6P2x%2BGVHYmhpduqi1GfI6utcQERwlE4twjCvQkbtCVKTELglHy1wLM2mTHF8245oYmJmMcMfdrAhDPBLdpbVpksCcWwmbTXhbVDh5KkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83379cee7f5dfb3c-SJC
alt-svc: h3=":443"; ma=86400

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 60ms
59ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.462417405516774

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T_f9H8S2JytidsBXqA654A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-T_f9H8S2JytidsBXqA654A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 61ms
61ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.403013247937603

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-unHBYkolj76Zxt0JCIiDzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:52 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-unHBYkolj76Zxt0JCIiDzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 152ms
70ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-omEW_zIxDGo1yNczDrHaiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 18:39:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-omEW_zIxDGo1yNczDrHaiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://m.askfollow.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 98C7 2 KB
975 B 138ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=200&slotname=2712106593&adk=2474530452&adf=667525225&pi=t.ma~as.2712106593&w=980&fwrn=4&lmt=1702233591&rafmt=11&format=980x200&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591537&bpp=1&bdt=277&idt=317&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280%2C980x280%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=3396&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 18:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 17:26:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 18:39:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 98C7 2 KB
903 B 249ms
143ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:43:32 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 98C7 19 KB
19 KB 185ms
81ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSPrljLq6x4ZxfgbBL4d_eAeoKx3h4b0hT0Kts8BKsiQ-odSOn2io_iEb-mXfo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7578690d2b390dbb0e87dddd314645cd1874692624a01609df80023cb3e8891b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:55 GMT
x-content-type-options: nosniff
age: 342417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19029
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 09:02:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 05 Dec 2024 19:32:55 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 98C7 28 KB
28 KB 188ms
85ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQtdDSESGejVNC8sQLNXOZZc7D_E4xbXyCrqUzeyOyCSgpkXNadJ5j0BiBMgMA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

312bba8b53066879826d9a1aa2802be89534450cfc11a2cee98fb9090b02953a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:24 GMT
x-content-type-options: nosniff
age: 79048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28333
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:33:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 20:42:24 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 98C7 20 KB
20 KB 244ms
141ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSLHtrn_lVPxlFjmbRBbRCl79Rm4hCvYpRm5ezzbMzgT4zltk7V5gWo8S2WLQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62265a63b369b963515f1ee7e5f7bc1ad0e4b5290d40e93e82eeb2bc43b6e004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:49:35 GMT
x-content-type-options: nosniff
age: 136217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20703
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:56:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 04:49:35 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 98C7 34 KB
34 KB 245ms
142ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSn5SE2axCJj14GJQXgmwf6ZQi2A-gZa7s8mLpYX8LnGZlZ_8C4Acw7-femaQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f21b5ae57fc9ddbfcdfa6a811e087f24c53ae5103b59d53856c5fc0d472e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:30:46 GMT
x-content-type-options: nosniff
age: 169746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34883
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 09:20:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 07 Dec 2024 19:30:46 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 98C7 28 KB
29 KB 142ms
40ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:27:14 GMT
x-content-type-options: nosniff
age: 141158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 03:27:14 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 98C7 28 KB
28 KB 144ms
41ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRk097F23g6c9FYbptlhwhRqSxFIMrC-_K_c3f7PIPXtCRxd5_eNIq0rwI36_4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:04:47 GMT
x-content-type-options: nosniff
age: 182105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28277
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 04:22:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 07 Dec 2024 16:04:47 GMT

GET
H2

200

2028896861534754722
tpc.googlesyndication.com/simgad/ Frame 98C7
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr25ig3AEQ2AQYlgEyCI1gGRvCtpy8
https://tpc.googlesyndication.com/simgad/2028896861534754722

7 KB
7 KB

44ms
35ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2028896861534754722

Requested by

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91e92ed1d0705e7657f98ca8fdf66854dc3a96666501c8e800c22ce7516fa139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:08:33 GMT
x-content-type-options: nosniff
age: 520280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7203
x-xss-protection: 0
last-modified: Wed, 26 Sep 2018 16:32:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 18:08:33 GMT

Redirect headers

date: Sat, 09 Dec 2023 20:46:36 GMT
x-content-type-options: nosniff
server: cafe
age: 78796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2028896861534754722
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 20:46:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 98C7 24 KB
9 KB 150ms
51ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 98C7 3 KB
1 KB 179ms
80ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 98C7 20 KB
9 KB 140ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98C7 202 KB
64 KB 283ms
184ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:52 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 98C7 37 KB
16 KB 139ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 652C 14 KB
1 KB 89ms
57ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=7105912634&adk=1462908434&adf=3543289036&pi=t.ma~as.7105912634&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591536&bpp=1&bdt=276&idt=316&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1955&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 18:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 17:07:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 18:39:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 652C 2 KB
856 B 193ms
144ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:43:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 652C 24 KB
9 KB 192ms
145ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 652C 3 KB
1 KB 130ms
83ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 652C 20 KB
8 KB 92ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 652C 202 KB
64 KB 147ms
103ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:52 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 652C 37 KB
15 KB 93ms
49ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/18152321255612978512/ Frame 652C 34 KB
35 KB 121ms
83ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18152321255612978512/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cbcded4a81cb75d9694fae189bac5a6e718b40b4e09fe14719a3d0dbe5aa1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 16:44:42 GMT
x-content-type-options: nosniff
age: 266110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34996
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:08:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 16:44:42 GMT

GET
DATA 200
OK truncated
/ Frame 652C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 652C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 4182 9 KB
4 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=1573588191&adk=3887882459&adf=3083462764&pi=t.ma~as.1573588191&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591536&bpp=1&bdt=276&idt=313&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C980x280&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=1042&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:13:19 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4182 8 KB
4 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/error_handler.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:59:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:59:30 GMT

GET
H2 200 d500f8b303efba9f5ab695bab8da4c89.js Show response
www.gstatic.com/mysidia/ Frame 4182 20 KB
8 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:58:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4182 2 KB
639 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 18:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 17:24:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 18:39:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4182 2 KB
861 B 45ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:43:32 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 4182 6 KB
2 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 05:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 05:53:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4182 24 KB
9 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4182 3 KB
1 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4182 20 KB
8 KB 122ms
120ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4182 202 KB
64 KB 150ms
148ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:52 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4182 37 KB
15 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
DATA 200
OK truncated
/ Frame 652C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a82d4f1449ffaab4f749bb15d61f3225457417cd7205d1077d41f1d9dc25ec3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 98C7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25e95b94a4bc4314d574b34eee7a149a3c03e9cbf99152523c597a025921541f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4182 19 KB
19 KB 51ms
47ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTVKVDDZaoN_VSady1kQkvE54ht2CFvv55Wu9Z3IJke-xU_nc9_mTS-mFJe5LM&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d885e778582f9e0e394a0143c567a8e731e301050eab20967d36ad80b9acc2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:05:47 GMT
x-content-type-options: nosniff
age: 142446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19484
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 09:02:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 03:05:47 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4182 28 KB
28 KB 43ms
40ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQzhTTyzvAT_9Ty0rIdZN6dYIn8lpEQikUw3ShQtGQ6EDp8n8ug4uRm-3apmQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863bee3b88be5440d87bc11ae860cdf4c8cf5038937564b63a4126176d199d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:16:29 GMT
x-content-type-options: nosniff
age: 167004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28883
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 05:36:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 07 Dec 2024 20:16:29 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4182 16 KB
16 KB 43ms
40ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQuEVG_HjYTMjdUS2psPHCy8vmvJrlf-ihPC4tguCzdPUZH86k3XoDiNT5pPA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34b55b0be7a5111fb8c3d796db990e4d58380266933877f02462626e9a997de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:27:09 GMT
x-content-type-options: nosniff
age: 126764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16383
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:04:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 07:27:09 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4182 15 KB
15 KB 140ms
40ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQBosDkPZ4p5BDmbvryxQDdvys8qjFibt2kvTB8285A4hq35LnICnkLH1UrNw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

792c45522c9f8bd4e4b3dd28f8531dbf65662f70b1585b857a6671b4189fce06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 14:49:06 GMT
x-content-type-options: nosniff
age: 100247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 08:37:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 14:49:06 GMT

GET
H2

200

7681743886941019795
tpc.googlesyndication.com/simgad/ Frame 4182
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHt6O-vwEQgAQYgAEyCElUjVZNA8C0
https://tpc.googlesyndication.com/simgad/7681743886941019795

30 KB
30 KB

40ms
40ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7681743886941019795

Requested by

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b29ac3f36468ae9686d6dfef81beb8a0815241c8697ee80171ce89430322fdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:47:59 GMT
x-content-type-options: nosniff
age: 190314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30788
x-xss-protection: 0
last-modified: Thu, 26 Sep 2019 14:53:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 13:47:59 GMT

Redirect headers

date: Sat, 09 Dec 2023 19:33:09 GMT
x-content-type-options: nosniff
server: cafe
age: 83204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7681743886941019795
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 19:33:09 GMT

GET
DATA 200
OK truncated
/ Frame 4182 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26f74c52038ca81efb4159529f877d8be8ab8b3c370b673b435c844a042f0043

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 652C 33 KB
34 KB 129ms
42ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:14:46 GMT
x-content-type-options: nosniff
age: 145507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 02:14:46 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 652C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CYuCY-AV2ZaT9AtOWvcAPqK-ZYNb5lNJzr6GupK4SZBABIIr5_yhglYKAgJgHoAGb3-jpAsgBCagDAcgDywSqBNQBT9ChFM4nRRv3rzwCRtqq6FPTUdvMRYV6nB0VaqS1ir4KUgh4UwqQYJi...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210758040207668493128%22,%22debug_reporting%22:true,%22destination%22:%22https://wiseranker.com%22,%22event_report_window%2...

0
0

157ms
76ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210758040207668493128%22,%22debug_reporting%22:true,%22destination%22:%22https://wiseranker.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22758787995%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218110120416285790689%22}&andc=true

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10758040207668493128","debug_reporting":true,"destination":"https://wiseranker.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["758787995"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"18110120416285790689"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 18:39:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10758040207668493128","debug_reporting":true,"destination":"https://wiseranker.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["758787995"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"18110120416285790689"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 7D84 9 KB
4 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=3932954383&adk=2892710006&adf=528667521&pi=t.ma~as.3932954383&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591535&bpp=1&bdt=275&idt=309&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:13:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 03:13:19 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame 7D84 11 KB
5 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7D84 14 KB
1 KB 49ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 17:07:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7D84 2 KB
822 B 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:43:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 7D84 24 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7D84 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7D84 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 147A 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:47:22 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4182 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRArIQAAAAAAABRAMAQKDRADIQAA0MzMsJFAMAQKDRAKIQAAAMCZmfk_MAQKDRANIQAAAAAAAAAAMAQKDRAeKgc5ODB4MjgwMAQKDRAZKgc5ODB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAA0MzMuJFAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAABxAMAQKDRAFIQAAoJmZuZFAMAQSGkNMekQwS1RDaFlNREZVTmdEd0lkUlZRS0tnIhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4182 0
20 B 79ms
77ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 98C7 20 KB
20 KB 173ms
138ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:24:46 GMT
x-content-type-options: nosniff
age: 134107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 05:24:46 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 98C7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C55Lg-AV2Zb2RA-iOvcAPlPWciAS6_pDcdPOAue2uEtzo3P-pQRABIIr5_yhglYKAgJgHoAHor-yIA8gBCakCYi2If_cOsj6oAwHIA8sEqgTIAU_Q3YZ-qkT7VsMWKDFnkY65tIovJICEFpH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210318047586084539864%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%...

0
0

157ms
76ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210318047586084539864%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223356162465395853665%22}&andc=true

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10318047586084539864","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"3356162465395853665"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 18:39:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10318047586084539864","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"3356162465395853665"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame BADD 51 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:47:22 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4182 20 KB
20 KB 89ms
88ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:24:46 GMT
x-content-type-options: nosniff
age: 134107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 05:24:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F4A9 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3344113132106788&output=html&h=280&slotname=3932954383&adk=2892710006&adf=528667521&pi=t.ma~as.3932954383&w=980&fwrn=4&fwrnh=100&lmt=1702233591&rafmt=1&format=980x280&url=https%3A%2F%2Fm.askfollow.us%2F%23542504107%7Chttps%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F1389502830818603010%2FwxAy5CYs_normal.jpg%7Czero_dot1&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702233591535&bpp=1&bdt=275&idt=309&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=736204388504&frm=20&pv=1&ga_vid=456608184.1702233592&ga_sid=1702233592&ga_hid=1042307663&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079865%2C44798934%2C44807750%2C44807405%2C95320868%2C95320885%2C21065725&oid=2&pvsid=571963610373601&tmod=836782004&uas=0&nvt=1&ref=https%3A%2F%2Fl.instagram.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=311
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 176ms
75ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 176ms
75ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F4A9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
expires: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D84 202 KB
64 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 7D84 37 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
DATA 200
OK truncated
/ Frame 7D84 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e1bd1aac27c40d796c008f77fabd43d3023b343525eda316d7d76e64a6a92e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4182
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWQiZ-AV2ZbznAsPAvcAPxaip0ALzmf-LdOfn0drmEcHfr7_0PhABIIr5_yhglYKAgJgHoAGWqYH_AsgBCakCYi2If_cOsj6oAwHIA8sEqgTMAU_QqfBYD6xQApZ_2klM72UFIuONpwkrkAD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217600509748517475599%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_windo...

0
0

93ms
75ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217600509748517475599%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22803230870%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222877851665654133057%22}&andc=true

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17600509748517475599","debug_reporting":true,"destination":"https://stoffe-hemmers.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["803230870"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"2877851665654133057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 18:39:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17600509748517475599","debug_reporting":true,"destination":"https://stoffe-hemmers.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["803230870"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"2877851665654133057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame B1C8 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:47:22 GMT

GET
H3 200 adtech- Show response
fundingchoicesmessages.google.com/f/AGSKWxU6kigk5OcuOiq9S8RXQE3j5mmASEP05ucp3vGNzw3oV42H-5CXxsnc97eAue0Wmiz_my6V5nNBoPDvEsDPvgqPLy8fuu54kZQZpbqag9J8STPP2YBYedb-Ae4oaJq72gopsBBmZ9gm2VaeF2xVUG3ozBcPw... 54 B
109 B 55ms
54ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU6kigk5OcuOiq9S8RXQE3j5mmASEP05ucp3vGNzw3oV42H-5CXxsnc97eAue0Wmiz_my6V5nNBoPDvEsDPvgqPLy8fuu54kZQZpbqag9J8STPP2YBYedb-Ae4oaJq72gopsBBmZ9gm2VaeF2xVUG3ozBcPw0-tNChhdCSc2UZEkEbPiNjXGTIMe7BW/_-advt./FloatingAd_/adsdm._show_ads_/adtech-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q7qk8aW-Kkk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzKd_-9BlQwC-xh8DBkQyKnc8DmHQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a3c718474e08bf7870d4a88a1e3e23fc2da020bc099e31e2f87c848e0c584cd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-84FI49WrPOQs2PeDxqia1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-84FI49WrPOQs2PeDxqia1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 84 KB
30 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9bc1c2c975dd8572a1be2de18b57e04aeefb74ed1e5e15639d62af36ffe0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30828
x-xss-protection: 0
server: cafe
etag: 1270192977547311863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 19:33:54 GMT

POST
H3 204 AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 58ms
58ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-usGqZkQIoN-_FmhmwUk-4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-usGqZkQIoN-_FmhmwUk-4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://m.askfollow.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 73ms
73ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HP7eYrgU7NoBZWfOuzRCGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-HP7eYrgU7NoBZWfOuzRCGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://m.askfollow.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4182 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lcjMtc3F1YXJlCgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKDRAUIQAAAACQ2v1AMAQKDRAVIQAAAAAAADBAMAQKDRAWIQAAAAAAACBAMAQKDRAYIQAAAAAALJZAMAQKDRAyIQAAAACcmbk_MAQKDRAzIQAAAACcmbk_MAQKDRA0IQAAAACcmbk_MAQKDRA1IQAAAACcmbk_MAQKDRA2IQAAAACcmbk_MAQKDRA3IQAAAACcmbk_MAQKDRA4IQAAAICZmek_MAQKDRA5IQAAoJmZzY5AMAQKDRA6IQAAoJmZZY9AMAQKDRA7IQAA0MzMTJNAMAQKDRA8IQAA0MzMTJNAMAQKDRA9IQAAAAAAUJNAMAQKDRA-IQAAMDMzFZZAMAQKDRA_IQAAMDMzFZZAMAQKDRBAIQAA0MzMNpZAMAQSGkNMekQwS1RDaFlNREZVTmdEd0lkUlZRS0tnIhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
52ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rFCTsvNooA2raGd5XIHuqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-rFCTsvNooA2raGd5XIHuqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://m.askfollow.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
51ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUXTlakQs0ZZa0n5z1JqozVWRwOYHzoba-SROsMBzyRwg8KbTlwNohF5o_MboT916rMLvTY9vHodnsviDGEOesRwXxnbPcbLP1yeNtizYok6UDzxoE2FReW7EvkBn1LUZwXSBlC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RUVJwGbxGxMapVt_sg3fwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-RUVJwGbxGxMapVt_sg3fwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://m.askfollow.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXdcY_925dIgOU5HbziC6rLn0bnNsUM8TWf7FTQkYk25hMFAS_8YNk_jCygmyR1kkaCZvtd-4z4rF78lMjmbSgpTh7I1Ihm3JBLcG916GLZo0ojT5eyWL6HpPLT9xYjJQU6gYGV7g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXdcY_925dIgOU5HbziC6rLn0bnNsUM8TWf7FTQkYk25hMFAS_8YNk_jCygmyR1kkaCZvtd-4z4rF78lMjmbSgpTh7I1Ihm3JBLcG916GLZo0ojT5eyWL6HpPLT9xYjJQU6gYGV7g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyMjMzNTkzLDM2OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vbS5hc2tmb2xsb3cudXMvIixudWxsLFtbOCwiUTdxazhhVy1La2siXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ccc2a5621597cd580a4f329e37238521360703b96e21eb4819ddc3dbf11e91d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7bG1nBLVnnFehWNQta16Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-7bG1nBLVnnFehWNQta16Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7D84 33 KB
33 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:14:46 GMT
x-content-type-options: nosniff
age: 145507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 02:14:46 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7D84
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CG0fU-AV2ZZ6aAuadvcAP156ViAm_vOTTdPHe1OOfEp6859OEDxABIIr5_yhglYKAgJgHoAGEnYP7KcgBAakCYi2If_cOsj6oAwHIA8sEqgTRAU_QGpjCW9GbPvV6d95tRgdo7JQJi_c84Md...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228771306847799416662%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%2...

0
0

76ms
76ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228771306847799416662%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211263856260%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216292735399459706961%22}&andc=true

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8771306847799416662","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11263856260"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"16292735399459706961"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 18:39:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8771306847799416662","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11263856260"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"16292735399459706961"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A2B 51 KB
19 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:47:22 GMT

POST
H3 204 AGSKWxUWBK23opwLFgetOwSno5Z2cN2XmT_8EEC6Ye591nuoko0V-DQPGgYGuTHHaeQy1Ar_XvpOZBoxckbzA5w_0Q6UDiqE2FWij7ws2vhiiiOqGXVTMqDq_eSCtZh9QlK7EvEfllDGVA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUWBK23opwLFgetOwSno5Z2cN2XmT_8EEC6Ye591nuoko0V-DQPGgYGuTHHaeQy1Ar_XvpOZBoxckbzA5w_0Q6UDiqE2FWij7ws2vhiiiOqGXVTMqDq_eSCtZh9QlK7EvEfllDGVA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C3qk_QeCZjUdSKsULfbz3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C3qk_QeCZjUdSKsULfbz3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://m.askfollow.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 75ms
74ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68f7694086a771004216eb24979a57640fd9140f365ec4c404a170181e30064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55997
x-xss-protection: 0
server: cafe
etag: 16852310439701706276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 6E75 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 4421 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 40FD 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame AAB2 9 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:29:38 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 20:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 6E75 4 KB
671 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 17:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6E75 205 B
229 B 39ms
39ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:17:49 GMT
x-content-type-options: nosniff
age: 163324
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 21:17:49 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6E75 604 B
628 B 39ms
39ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:12:31 GMT
x-content-type-options: nosniff
age: 152842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Dec 2024 00:12:31 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6E75 16 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:00:08 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6E75 22 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:57:47 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4421 2 KB
822 B 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:43:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4421 24 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4421 3 KB
1 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4421 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4421 202 KB
64 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4421 37 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 40FD 24 KB
9 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3355 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 40FD 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 40FD 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H3 200 7797493576663708294
tpc.googlesyndication.com/simgad/ Frame 40FD 139 KB
139 KB 85ms
85ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7797493576663708294

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0d6ef257fe1cf4267376cbe0076173ac78c6ee47ffcabddc760d35e615e0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:59:03 GMT
x-content-type-options: nosniff
age: 168050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142562
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:40:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 19:59:03 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40FD 202 KB
64 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 40FD 36 KB
14 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
server: cafe
etag: 1899721059218863233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:23:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74D2 624 B
245 B 79ms
79ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNX4i6YP5ifNzirVeOhGDW7eAeLS0qKu3wHLX41Vc6IZDKnmuD6KIS8iOEKx-uCysiQ1GcUcDAquqeXOkcA9AEhwBMVNaXrjcF96riOWLZgJxxOYUJVlUG7DJKmVPx-fD4cL125mITbN7lbGPRArDba10iS0mRF0fjUi1Ra_OCJ70MyP36M

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
expires: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6241 89 KB
31 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6241 3 KB
1 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6241 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6241 204 KB
64 KB 131ms
131ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3470dc8af1dd6fc8b6c59a0a3d3632969c68fe410cf5c9530e253a3b7327e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65597
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702058669129730"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6241 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5strKSLfFlGkvP5DrQEID6fuXZLmTnRlE58uSqs-zklufxUHy7Cv060gOraVoylLIYbl6cx5gm6_FEjyUeNnrFgoyRxlZjZ_JVYX_Vq63Ana_xq4

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4E98 14 KB
1 KB 48ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Dec 2023 17:23:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4E98 2 KB
822 B 60ms
60ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:43:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 4E98 24 KB
9 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:23 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A24 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4E98 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 09:21:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 4E98 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:33:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E98 202 KB
64 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Dec 2023 18:39:53 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4E98 37 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3355
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
53ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
expires: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A24
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
expires: Sun, 10 Dec 2023 18:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 74D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1

43 B
338 B

103ms
103ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNX4i6YP5ifNzirVeOhGDW7eAeLS0qKu3wHLX41Vc6IZDKnmuD6KIS8iOEKx-uCysiQ1GcUcDAquqeXOkcA9AEhwBMVNaXrjcF96riOWLZgJxxOYUJVlUG7DJKmVPx-fD4cL125mITbN7lbGPRArDba10iS0mRF0fjUi1Ra_OCJ70MyP36M
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZJg7r%2BRZkXqewwtrZKh5LWYSoAZ3ySJ0spjT%2FCgicp9Czm3XaNWr8YxWKegoCWG7LeC9XCrJWxu%2BBbwscCYXO82rMtC2RQeBFsbhfFBICePnkKxsDLNj8qWuGGSHn2gSfe3acxsmopwIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83379cfa7f4b266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 74D2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXYF.VhHLG0Tbbp47CWtYAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1&google_hm=2

43 B
767 B

82ms
81ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNX4i6YP5ifNzirVeOhGDW7eAeLS0qKu3wHLX41Vc6IZDKnmuD6KIS8iOEKx-uCysiQ1GcUcDAquqeXOkcA9AEhwBMVNaXrjcF96riOWLZgJxxOYUJVlUG7DJKmVPx-fD4cL125mITbN7lbGPRArDba10iS0mRF0fjUi1Ra_OCJ70MyP36M
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VphqDKzv7UddClw4Q5bJoSt6ZJLhdHSuVo8CqECEjn2B4Ur6nuV6nCuk9Uf9T6bHzTcY29NDFS6uMdS5S45eLQX9a5%2FxvyfYpa5uOXsRYQZKmpfZdmnab1O0WSt8K3L6CST4UlDQWj857w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83379cfb48b958f6-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLJ9cQoPlyTJPbnsNqCFCg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 74D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH7hy15azhyCslk8jGUKIHQ&google_cver=1

43 B
842 B

61ms
61ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH7hy15azhyCslk8jGUKIHQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNX4i6YP5ifNzirVeOhGDW7eAeLS0qKu3wHLX41Vc6IZDKnmuD6KIS8iOEKx-uCysiQ1GcUcDAquqeXOkcA9AEhwBMVNaXrjcF96riOWLZgJxxOYUJVlUG7DJKmVPx-fD4cL125mITbN7lbGPRArDba10iS0mRF0fjUi1Ra_OCJ70MyP36M

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
an-x-request-uuid: 31e0422e-3e7c-4c9d-965a-2865df7c1973
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.105; 80.255.7.105; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH7hy15azhyCslk8jGUKIHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 74D2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5NDk5OTIwMTk3MTE0MjUw

170 B
243 B

54ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5NDk5OTIwMTk3MTE0MjUw

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
an-x-request-uuid: fe3792d9-e9c8-4811-b009-e042739975c4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5NDk5OTIwMTk3MTE0MjUw
x-proxy-origin: 80.255.7.105; 80.255.7.105; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4421 16 KB
16 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQuEVG_HjYTMjdUS2psPHCy8vmvJrlf-ihPC4tguCzdPUZH86k3XoDiNT5pPA&usqp=CAI

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34b55b0be7a5111fb8c3d796db990e4d58380266933877f02462626e9a997de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:27:09 GMT
x-content-type-options: nosniff
age: 126764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16383
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:04:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 07:27:09 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4421 23 KB
23 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQEZis7xuQ8WpR-tCKvkCbQdUoiqNXukKe8Zvpm2raj9ybBFwTsLnCytILbAg&usqp=CAI

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55483fa7c2d8e362f3c6455f7abaec8113ea27c52713953feb667124cb341e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:22:25 GMT
x-content-type-options: nosniff
age: 163048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23769
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:49:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 07 Dec 2024 21:22:25 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4421 19 KB
19 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTVKVDDZaoN_VSady1kQkvE54ht2CFvv55Wu9Z3IJke-xU_nc9_mTS-mFJe5LM&usqp=CAI

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d885e778582f9e0e394a0143c567a8e731e301050eab20967d36ad80b9acc2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:05:47 GMT
x-content-type-options: nosniff
age: 142446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19484
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 09:02:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 08 Dec 2024 03:05:47 GMT

GET
H3

200

7681743886941019795
tpc.googlesyndication.com/simgad/ Frame 4421
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDHt6O-vwEQgAQYgAEyCElUjVZNA8C0
https://tpc.googlesyndication.com/simgad/7681743886941019795

30 KB
30 KB

40ms
40ms

Image
image/png

2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7681743886941019795

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b29ac3f36468ae9686d6dfef81beb8a0815241c8697ee80171ce89430322fdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:47:59 GMT
x-content-type-options: nosniff
age: 190314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30788
x-xss-protection: 0
last-modified: Thu, 26 Sep 2019 14:53:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 13:47:59 GMT

Redirect headers

date: Sat, 09 Dec 2023 19:33:09 GMT
x-content-type-options: nosniff
server: cafe
age: 83204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/7681743886941019795
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 08 Jan 2024 19:33:09 GMT

GET
DATA 200
OK truncated
/ Frame 4421 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a104b6a1dd4935e2e65b64365c66d45db5ec05ec5170133ce9ab9ffb0b000d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6241 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8875302107026&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6241 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8875302107026&version=m202309260101&ct=77&x=1&cor=6784031873950411000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6241 34 KB
19 KB 330ms
330ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8DmtU9STURfJh1oZ3Mopzyq9LnNW1DcQUuk0-nlOUebaN-Q6EQUuODOpKdo-lUAxNktpuvCoYhjSMUmYjcNE-vaCHBPd0CNNukl6LFY8nq8qL8Oa-j4srgpfjzBBjU7mms7SJWWFSaSi6NOq-ovZFATXguHN6_6YxwkAwjGsPoHG4b48&cry=1&dbm_d=AKAmf-ByhEHuiu_Zzhum7fxBAuLMdoi_iO50Gy8HV9yals1qE-5FmpzH8R47PNQY8cfISJbMBxEczBpetIkQli3j1xxxmt1u5lIewMZ5ZBHQJ0Q6104H7pie_nbJzf7TAa6v5D4a-iPna-Excs7TpT0r4b3DORC5mGD9H1vbHUMuiKUjxcMU5X5s2TBzyGylhV3xDUjhGpvpoHLDwjvvpjQmgau-m8TkUMmw78tcpjsRR2sQnZIY4M2b79o07EPojPVgZ_8FI8Qp_E74E8mZrsAtDv5Q-zc9NQlcGzJl0JODl35bg1KCfU4geTmUobdkMWWJq7eig37XqMncr4ofjlKD32AiX52atLLyBjbzPmlljVRyHjwYsS-TIN50OmVha-eZSboRZ7an0N5PVsnrzzLVqR0ge4YR8hbvH_koi7f1ukTFgHGl20_ytD_4cHOUOcIjzaHxBWOoczDFh0TZaKS6IDz2b5w3IdYT4eyUqiFtWoFxRgmk8txqcD9LBN4rHxWHiu4z2UJ1xPX9c6zeIZ1MSj_Ot63OotkgjiiIGmslWbsCinQj8KvMEVbfq-smmS3hcviqdRpuJkAND_NH62iBQ05VSyfAo7gmP_Z4_pZ5SZ5BiQ8_R2D52p6ni3Ou2T4QLgql7q8exmL8GTzMWunRwkTv9gqlQM-P53g4DEcuGtShyo-M-f8ohNEy_ZjI19aNgKu3Kqu8CcvyWTLyCEKRrBDGJLtWlwVdk8eOZMxb-fIsT5zqGGzwDXf4_pu2V8TMfdp7ysE0rxXQDDD3B5hD-GfxRGazLab8e9e7JLtkfejzcW2GgARG4HG9Rt0BDAQQlvF221CxSG_1jiCkuDL-xNfrobuLuvs9K83ySzNwri10-AdmfOBVWplRU12i_PoX1jBQbuhvdKsRCDdjLJnwwyUiG6p2IRiTXdPO8LSZzXDedeeJDs9jnA1gyAiEL-5IBDhDOjm4ZjYHZ4s8cIyFGO9hYmrH6Ui94GS5H-EfSjg0QvmlFJxzoHCv42TR_O_Ug9zhxdZTFSBty-2finGrJzk8cUSrxHzS_QZSjzgX1pka_SptVgs_NBNaa4j2pqvc2BAzXAGFbHRga0mkI73gjAhF5u6f9zg-u-l6uOxLAcc3CmNryf6sRh5pFCzG64rwd6RZKLM2TPgD2PcyjUEcZCfBBUpcwBgAd8pI60DCA9x3UUDfFmoOs8NDwg3QlbJXdNBUUP_QbqWl_zE55wwTtylayex6xOSI03Nm5rZhsv4oiG7RxZSfOZCmEYZZz0UKDc992tesPQL_uwCWHQ7RykTdYDI7qH6xdp1ipf19_VJF6bfUvHRc06XrSJ6ObZwJfrGFwDooc-buGvyaTquFcQDdfS4odRSMlEdkRyI1kEPLqsjZu_OrwqVGw8wUiXI4R2buI2Rdl9ZWTU3kGBgv84hYgSpzcGEr7uSLgnDEdsb54YhB29RRt_hdllsn1U-EiAgj8RsO_cNm0MwE8qBvexHFvGvoIdGpPyrv9eGTA3Z3dqedjo7azO68Wj2iBFp7teA6T_ZnhNNN3Y2Dp16CZtWuPbq-h8sfThLaDKSXTtsea7GYUqASbbxkX78Nl4BN7x96fNZQcdA9pW5DXyWTyp-TxJCWxdv5vzUazUKX1jeLjZ57Nq_tD-yFxZCg8wgt0mKk4pQM6MWdsZzDVUoADi6L-Sev8gtVlsBf-6ID3gA5M6IkdlWGp3D5dTqwzX9TbObbJQ0VfyunbvavEqkjRBLtp2X9-8PsiTXGvGFVU69FiMwnhGR2KvqogLZNo9fhiC8h0yvwkEHpDF1Sh3vC7ZM5YmXq4qk6MSoJP4eAizKQqbHMCJgi6viEsfLDjZq9mYyAzfJTgxSK2FlknawYP1lNqu84_94fXmEHAzkCHSRQ7zzmaaDBAB5nj5mq-jcShztXaQr4iiXN_s_lAcInykcaijmwg900D6MBehdfiZtokwNqGpJAtOdQxUugFOW8rDKsdsCRrcBsSnty4Yqoect65aoGS2IBSRPoT71o2SxM4MsVgUxIq4epAty-uTmgCRB5gUYwiv1cuee_3FERjiNPipvEK8IGyI-CT9K5tVSxeHUpYiiSCmUcLfZ3Ki3I8-2a24IamJ-FEVAHusKH5o1ztu5bKw2lUF3buhd8Qds48nVlTgsvbL0lq-hBhRtn6hm9Nx18d1cfxN73WhP0iDko8j8i41PEwhKj_D4KMYYOi0gtB4bgfC87AvHngPT0xzgIEQGWdLYbizfbZyjBFNdueZFDM05j4AWPkEmWeBE0KgdHVLXM8IweqxbltIsaUHMHVUxEwi0E0_Ze6X586BWwKbr3NUHaxjUVmOCPyJwIiqOd96jsJuYkiy5dyUdf4r35n0oThmeT31-fZS34pI-hPmfeq19KWibaJ-6uovvRBID3krlnkHFMbhXdPpaSe2j9sR7BBGOo76yOaBQn7hHiEln0ke3YHapMhqFXJ_0YHlPa2mMXY5afCA6iC5L-gUAl2Eca9ZfXegBdEEADlU6EaEf1X5EbeFwgs336imFn2oNvjrSlUueAk6v_7eZ_GkBRn1grbbSTaO2PpE8INhpy2Alr12vJmbN011dSx-XmctoAmKkwkNH97vFuJkFU5qoKBijP1bV0JdgUGjmnuFlHrAIB0MXsai7tIIHM8jr4meHiafNeNnBP778kK09RFYyOeY8jiTIi2Ux-HiBVPy6qwLEDO3f-H4Q36SMe4NPXPs1RXK34udro9IbflvfPDEIHqddeOghjnjZNy56u-X6czeg3bQXyNsw-weW-hR5rVUUXt4XV6uYbCCDwp2utaHw3syM27OF09nQ-FlHH1_o0h-Z61kOtBmuPDRTuE8snXQi5_1eqMlAc3oQWYRDGG3zljofjv-5D_P1yn8_lvxVDutRKgCbB1lMHYf-oMra3Hrep0UXs9VZU0NY3VJckb-auTbg8_ZnJT618u2vgiOivfluQ-fo4x38B8VxzKBDdnm2gnnGajn6DYxoccLn41RlFM7mGrWZV_1NoVdoQYM9u9aPzaQauATiZp90YXbYZUwrdtZKKDusI4QbjGXIYiapcmjYl8jJwPH1vI1eF0olUgHJzqPOKGdEeT-hIVaSfbSLn1U9KXq9cSXhciuRSqU_H5Nz5eeyy0uflli-Fo50v4w-R0kLxnaD-K-cw6Gwvht_xTElzxSH9A5UewRrrAE2TVVl4GnkSak25CEAooxineM79nmMkBUJDf5PUj_aBI-0i3_Afq1X38WYrFeCWHL1mVc2jf311TQDlHxfJPw8Yo3kgFR1ws_i2Mq2vAQQZTXG3ksnm0hQGQR_wPhfS5ztRMhHEjGAOZAWEBxlfKH97Sw5EYCXd857vCOkBg_qYL9rHOaHselUJC4DrOdIqgok6frRNiHzX7Ol_Kki4mLthv5gPy5VyM85sUdTGCMbnxQRQzFzH29nsSHAt-4DnV6UuY1etGkfGZAHkclKPawGfa7AvTuPZvCOENLkBpcJJTEbOpfOSCXKhnCjNFxkmvaX7cujYrCQKM7gyodlvIea3tt7fDh90cIZmLqmdL2nAtBUSpFjKloiXrPxgsUZ8rA41EZnS5me33pw5clbzcWOfVcTj9wxldqBBNFPPd5fYnKDha9GvMqhb_kNwRmLDETjB7EbB4ermJEKdStkzCZbAQHZekIRKhecDOlfjDvZAlCqRcaw&cid=CAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fm.askfollow.us%2F&ds=l&xdt=1&iif=1&cor=6784031873950411000&adk=1935140219&idt=132&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d1f7acedf0c50fdf0590f3189e114b9fdf37b65c4317899c524fe378d72dc74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19709
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 71C8 51 KB
19 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:47:22 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4421
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CbDtq-AV2ZcvqA8ydvcAP_6yA2ALzmf-LdOfn0drmEcHfr7_0PhABIIr5_yhglYKAgJgHoAGWqYH_AsgBCakCYi2If_cOsj6oAwHIA8sEqgTGAU_QsAvgwdW3GTV_BK4H4gIzbKmDV6wCVho...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228991591169304762328%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window...

0
0

78ms
78ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228991591169304762328%22,%22debug_reporting%22:true,%22destination%22:%22https://stoffe-hemmers.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22803230870%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222010457642818220385%22}&andc=true

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8991591169304762328","debug_reporting":true,"destination":"https://stoffe-hemmers.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["803230870"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"2010457642818220385"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 18:39:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 18:39:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8991591169304762328","debug_reporting":true,"destination":"https://stoffe-hemmers.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["803230870"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"2010457642818220385"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 40FD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd50535aca644953d108b64b3908d732a9f09ef933f637088f7898db682bb819

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame B9C6 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:47:22 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 40FD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAi5z-AV2ZczqA8ydvcAP_6yA2ALKq6HbdM7vo8-oEqq4i5btDhABIIr5_yhglYKAgJgHoAHSn6LmKMgBA6kC6WKMwqs3XT6oAwHIA8kEqgTIAU_QSCM7mCbKY8c2LCqzh1auQDgX3Jkh0oM...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212587552417005299604%22,%22debug_reporting%22:true,%22destination%22:%22https://ui.org.ua%22,%22event_report_window%22:%22...

0
0

74ms
74ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212587552417005299604%22,%22debug_reporting%22:true,%22destination%22:%22https://ui.org.ua%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210951888850%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229351510619329335665%22}&andc=true

Requested by

Host: m.askfollow.us
URL: https://m.askfollow.us/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12587552417005299604","debug_reporting":true,"destination":"https://ui.org.ua","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10951888850"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"9351510619329335665"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Dec 2023 18:39:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12587552417005299604","debug_reporting":true,"destination":"https://ui.org.ua","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10951888850"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"9351510619329335665"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F9F 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: t.co
URL: https://t.co/sFgpaCUXF7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:47:22 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
75ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 75ms
75ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Dec 2023 18:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 6241 31 KB
12 KB 250ms
249ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8DmtU9STURfJh1oZ3Mopzyq9LnNW1DcQUuk0-nlOUebaN-Q6EQUuODOpKdo-lUAxNktpuvCoYhjSMUmYjcNE-vaCHBPd0CNNukl6LFY8nq8qL8Oa-j4srgpfjzBBjU7mms7SJWWFSaSi6NOq-ovZFATXguHN6_6YxwkAwjGsPoHG4b48&cry=1&dbm_d=AKAmf-ByhEHuiu_Zzhum7fxBAuLMdoi_iO50Gy8HV9yals1qE-5FmpzH8R47PNQY8cfISJbMBxEczBpetIkQli3j1xxxmt1u5lIewMZ5ZBHQJ0Q6104H7pie_nbJzf7TAa6v5D4a-iPna-Excs7TpT0r4b3DORC5mGD9H1vbHUMuiKUjxcMU5X5s2TBzyGylhV3xDUjhGpvpoHLDwjvvpjQmgau-m8TkUMmw78tcpjsRR2sQnZIY4M2b79o07EPojPVgZ_8FI8Qp_E74E8mZrsAtDv5Q-zc9NQlcGzJl0JODl35bg1KCfU4geTmUobdkMWWJq7eig37XqMncr4ofjlKD32AiX52atLLyBjbzPmlljVRyHjwYsS-TIN50OmVha-eZSboRZ7an0N5PVsnrzzLVqR0ge4YR8hbvH_koi7f1ukTFgHGl20_ytD_4cHOUOcIjzaHxBWOoczDFh0TZaKS6IDz2b5w3IdYT4eyUqiFtWoFxRgmk8txqcD9LBN4rHxWHiu4z2UJ1xPX9c6zeIZ1MSj_Ot63OotkgjiiIGmslWbsCinQj8KvMEVbfq-smmS3hcviqdRpuJkAND_NH62iBQ05VSyfAo7gmP_Z4_pZ5SZ5BiQ8_R2D52p6ni3Ou2T4QLgql7q8exmL8GTzMWunRwkTv9gqlQM-P53g4DEcuGtShyo-M-f8ohNEy_ZjI19aNgKu3Kqu8CcvyWTLyCEKRrBDGJLtWlwVdk8eOZMxb-fIsT5zqGGzwDXf4_pu2V8TMfdp7ysE0rxXQDDD3B5hD-GfxRGazLab8e9e7JLtkfejzcW2GgARG4HG9Rt0BDAQQlvF221CxSG_1jiCkuDL-xNfrobuLuvs9K83ySzNwri10-AdmfOBVWplRU12i_PoX1jBQbuhvdKsRCDdjLJnwwyUiG6p2IRiTXdPO8LSZzXDedeeJDs9jnA1gyAiEL-5IBDhDOjm4ZjYHZ4s8cIyFGO9hYmrH6Ui94GS5H-EfSjg0QvmlFJxzoHCv42TR_O_Ug9zhxdZTFSBty-2finGrJzk8cUSrxHzS_QZSjzgX1pka_SptVgs_NBNaa4j2pqvc2BAzXAGFbHRga0mkI73gjAhF5u6f9zg-u-l6uOxLAcc3CmNryf6sRh5pFCzG64rwd6RZKLM2TPgD2PcyjUEcZCfBBUpcwBgAd8pI60DCA9x3UUDfFmoOs8NDwg3QlbJXdNBUUP_QbqWl_zE55wwTtylayex6xOSI03Nm5rZhsv4oiG7RxZSfOZCmEYZZz0UKDc992tesPQL_uwCWHQ7RykTdYDI7qH6xdp1ipf19_VJF6bfUvHRc06XrSJ6ObZwJfrGFwDooc-buGvyaTquFcQDdfS4odRSMlEdkRyI1kEPLqsjZu_OrwqVGw8wUiXI4R2buI2Rdl9ZWTU3kGBgv84hYgSpzcGEr7uSLgnDEdsb54YhB29RRt_hdllsn1U-EiAgj8RsO_cNm0MwE8qBvexHFvGvoIdGpPyrv9eGTA3Z3dqedjo7azO68Wj2iBFp7teA6T_ZnhNNN3Y2Dp16CZtWuPbq-h8sfThLaDKSXTtsea7GYUqASbbxkX78Nl4BN7x96fNZQcdA9pW5DXyWTyp-TxJCWxdv5vzUazUKX1jeLjZ57Nq_tD-yFxZCg8wgt0mKk4pQM6MWdsZzDVUoADi6L-Sev8gtVlsBf-6ID3gA5M6IkdlWGp3D5dTqwzX9TbObbJQ0VfyunbvavEqkjRBLtp2X9-8PsiTXGvGFVU69FiMwnhGR2KvqogLZNo9fhiC8h0yvwkEHpDF1Sh3vC7ZM5YmXq4qk6MSoJP4eAizKQqbHMCJgi6viEsfLDjZq9mYyAzfJTgxSK2FlknawYP1lNqu84_94fXmEHAzkCHSRQ7zzmaaDBAB5nj5mq-jcShztXaQr4iiXN_s_lAcInykcaijmwg900D6MBehdfiZtokwNqGpJAtOdQxUugFOW8rDKsdsCRrcBsSnty4Yqoect65aoGS2IBSRPoT71o2SxM4MsVgUxIq4epAty-uTmgCRB5gUYwiv1cuee_3FERjiNPipvEK8IGyI-CT9K5tVSxeHUpYiiSCmUcLfZ3Ki3I8-2a24IamJ-FEVAHusKH5o1ztu5bKw2lUF3buhd8Qds48nVlTgsvbL0lq-hBhRtn6hm9Nx18d1cfxN73WhP0iDko8j8i41PEwhKj_D4KMYYOi0gtB4bgfC87AvHngPT0xzgIEQGWdLYbizfbZyjBFNdueZFDM05j4AWPkEmWeBE0KgdHVLXM8IweqxbltIsaUHMHVUxEwi0E0_Ze6X586BWwKbr3NUHaxjUVmOCPyJwIiqOd96jsJuYkiy5dyUdf4r35n0oThmeT31-fZS34pI-hPmfeq19KWibaJ-6uovvRBID3krlnkHFMbhXdPpaSe2j9sR7BBGOo76yOaBQn7hHiEln0ke3YHapMhqFXJ_0YHlPa2mMXY5afCA6iC5L-gUAl2Eca9ZfXegBdEEADlU6EaEf1X5EbeFwgs336imFn2oNvjrSlUueAk6v_7eZ_GkBRn1grbbSTaO2PpE8INhpy2Alr12vJmbN011dSx-XmctoAmKkwkNH97vFuJkFU5qoKBijP1bV0JdgUGjmnuFlHrAIB0MXsai7tIIHM8jr4meHiafNeNnBP778kK09RFYyOeY8jiTIi2Ux-HiBVPy6qwLEDO3f-H4Q36SMe4NPXPs1RXK34udro9IbflvfPDEIHqddeOghjnjZNy56u-X6czeg3bQXyNsw-weW-hR5rVUUXt4XV6uYbCCDwp2utaHw3syM27OF09nQ-FlHH1_o0h-Z61kOtBmuPDRTuE8snXQi5_1eqMlAc3oQWYRDGG3zljofjv-5D_P1yn8_lvxVDutRKgCbB1lMHYf-oMra3Hrep0UXs9VZU0NY3VJckb-auTbg8_ZnJT618u2vgiOivfluQ-fo4x38B8VxzKBDdnm2gnnGajn6DYxoccLn41RlFM7mGrWZV_1NoVdoQYM9u9aPzaQauATiZp90YXbYZUwrdtZKKDusI4QbjGXIYiapcmjYl8jJwPH1vI1eF0olUgHJzqPOKGdEeT-hIVaSfbSLn1U9KXq9cSXhciuRSqU_H5Nz5eeyy0uflli-Fo50v4w-R0kLxnaD-K-cw6Gwvht_xTElzxSH9A5UewRrrAE2TVVl4GnkSak25CEAooxineM79nmMkBUJDf5PUj_aBI-0i3_Afq1X38WYrFeCWHL1mVc2jf311TQDlHxfJPw8Yo3kgFR1ws_i2Mq2vAQQZTXG3ksnm0hQGQR_wPhfS5ztRMhHEjGAOZAWEBxlfKH97Sw5EYCXd857vCOkBg_qYL9rHOaHselUJC4DrOdIqgok6frRNiHzX7Ol_Kki4mLthv5gPy5VyM85sUdTGCMbnxQRQzFzH29nsSHAt-4DnV6UuY1etGkfGZAHkclKPawGfa7AvTuPZvCOENLkBpcJJTEbOpfOSCXKhnCjNFxkmvaX7cujYrCQKM7gyodlvIea3tt7fDh90cIZmLqmdL2nAtBUSpFjKloiXrPxgsUZ8rA41EZnS5me33pw5clbzcWOfVcTj9wxldqBBNFPPd5fYnKDha9GvMqhb_kNwRmLDETjB7EbB4ermJEKdStkzCZbAQHZekIRKhecDOlfjDvZAlCqRcaw&cid=CAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fm.askfollow.us%2F&ds=l&xdt=1&iif=1&cor=6784031873950411000&adk=1935140219&idt=132&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:11:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:11:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6241 41 KB
14 KB 252ms
252ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjIzMzU5Mzk1MDcwMwogIHNlcnZlcl9pcDogMTI2MDY4NDA3CiAgcHJvY2Vzc19pZDogMjE4MTgxMDk1Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 6241 0
836 B 375ms
78ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjIzMzU5Mzk1MDcwMwogIHNlcnZlcl9pcDogMTI2MDY4NDA3CiAgcHJvY2Vzc19pZDogMjE4MTgxMDk1Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTUwMDMwMjY2MDEwODA4MDkyOTIKZGVidWdfa2V5OiAxNzY2NzE3Mjg5Nzc5NDAzNjg1NQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMTAiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMjc2ODE3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzU3Njk2NTk3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTExNzk5NzQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwMzEzMTg2MjM2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDY3MDk3NTczCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmZyIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5wbCIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa8ea62d45b74de60000000000000000","13":"0x968cb9e3468491830000000000000000","14":"0x2de35e7d4f97a4e20000000000000000","15":"0x6c8b2517c2343df30000000000000000"},"debug_key":"17667172897794036855","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"15003026601080809292"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 6241 43 KB
18 KB 329ms
38ms Script
application/javascript 5.9.137.180
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.9.137.180 Gelsenkirchen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.180.137.9.5.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Sun, 10 Dec 2023 18:39:54 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Sun, 10 Dec 2023 21:39:54 GMT

GET
DATA 200
OK truncated
/ Frame 6241 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1689fd3e84037973cbc41f1f4cd761cfc069f644bb8695d553b6ed5f8eb496f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4182 42 B
174 B 263ms
263ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzx9G6SwZNJcQkDvDPsQCCxUIAYAWN_gDrh1Vnsnd5I_0C_gL928w3qqrlyHdV5atazS0k9a6BRsrtlc3cqIixiN0ujSuB5kz2yscrqPAFL8tC_4oPI4Sdd3j-EIfQCJDE-LInnVhjqbSAckvVoEGyALBzS5_Q9JWpCVGyQa9I&sai=AMfl-YTWzZ_kx74rWRGUsmCuQzQuXQXAor1sZ2QPTeF8vliUndurlspWIm6VAZxMcWt_TiY1pv-zgPnlJz9ronsgfC6oHWznQIcDfuEt_qNVY5hnT3I3FXfP3_pE1xoKIUJPnFRktiVjY0qXSdcSTtsn3rqG0JoocmUhK8Sn&sig=Cg0ArKJSzPC90ql6rSJOEAE&cid=CAQSTwDICaaN2P4G_UwyUzYZe8raams3UxDevbT90IWkHoQ27lJKzOdlYcNcmn-9uu6WPDbzX8AHjTXotVYlF-aTZJIBzmDsBqmP_OFbD3eCMtMYAQ&id=lidar2&mcvt=1015&p=0,0,280,980&mtos=0,0,1015,1015,1015&tos=0,0,1015,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&vu=1&app=0&itpl=22&adk=3887882459&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702233591851&rpt=1419&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D84 42 B
108 B 113ms
113ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTpM7AMw22oJSKe64QUzIv-Q0j2C0XoicYUy2s1oNJvc3yrQX0BL5fIPHeKJvsm156Or4rPN-TskvgQxQZmgag3r4V_3EwsDM27bznunxwvSckIqPKX_AbtahEDnFxalqIN6fcvbSuBQGd&sai=AMfl-YR480GgdxBq-KeKNcRy606_251JTBzBKtIi-CgsUlWJWxN1pKthIDBRDpymuQdfSFXDFA4OY_Euepee9HDfzGk7-QFHysO6i3RDPB8dDwbixMi52eWlQI6kFx7ZdW21OTv4wrdknicPw7qc8O4Dv8RjjiAk-6uGRbGD&sig=Cg0ArKJSzP6z6J2hVsdPEAE&cid=CAQSTwDICaaNgDagrTeVyNKmHZuWDYuDEmuBPm6nIleCJCGLSCp4mMPLBLNI3gZUMvFLwOjaxzoB7M9sKOaUjeiQadIGvzH1FyyT8fFZEdKWkyUYAQ&id=lidar2&mcvt=1000&p=0,0,280,980&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2892710006&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702233591847&rpt=1588&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C44D 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 121691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 08:51:43 GMT
expires: Sun, 08 Dec 2024 08:51:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C44D 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 6241 20 KB
7 KB 183ms
40ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:31 GMT
server: ECS (frb/6762)
age: 421
etag: "64e381eb-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Sun, 10 Dec 2023 18:49:54 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 5480 2 KB
1 KB 178ms
39ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 29
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Sun, 10 Dec 2023 18:39:54 GMT
etag: "64e38310-744+gzip"
expires: Sun, 10 Dec 2023 18:49:54 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C44D 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BToGJ-QV2Za-DOrfNjuwPiZavkAgAAAAAOAHgBAI&bg=!6Oul66TNAAY3kmNgF5I7ADQBe5WfOPylPso1mubLzTFMeOYwdH1qlQDQEx44M25p0MNC18vXSSJ02mW3XS4PSxb5j7moAgAAAEFSAAAAAWgBB5kDODIom6E4Wsyim97z73xpeXSdsXYEowouGdDbngH2LWi7-Knp4Vv9DDkfevi_SW1_ALvsV3iGkQopz7troGdOE6vAHRM31R1k7nuEHA_pfeKhI__pDFhLe7qpkIopXNbGHdWtKY4rvukGGgSrGB9AvWHF2K3sKgyFjSPjokG_DYj8EpjijPhRpCP_n64h35WukvZhfFRM94SRaYNHyb5ttbGxNBGaz8c3kBO2awhXrB3zzJG8wgWAmCrgE2Upn1mXAXcceDF77v_FrivDuK7bY6sfoYXzX1h-7POarUXj86Go92Pb_sV5Kk3DXKiV0Isq_YVHXump666ArHfwOIAw7V1s_hOWbXL5Aq54XEdnHOBD4pU_Elqzxc92ZXUMT9T4XrwL1V65_8QLxm-f4MplFFsgRKNMIWm8Ja58akj0BezKA2UFCof5gZu_C4hKJ47FixnAZoj8KTLQ_gkXENSGtibTFUfK_hp5t1NQy7uezZ3jOfVVk7pThIU0VW4BqfLHpP5FhwUeteXNbvulnAsP41sKUOjBEkR0Wao_jNfGJto0sl5dpr3vuzyyIBxJPDOCreCE6PvjIOyaVXlk4UFjp4IRv1va8kKTi4mTF8gqPmjM3ffuOjqBgL8wv7iSw2hyr-NRgfYbdPzCFyzgWocpxY9pVqB8Ady9cKprzzlYpctfRw8fe_AwTrPaj4Nv3i_qOD3F7ElxgNuysec_HW2PpqtUeKlThCSQVhmG5vG7IZ6qULiivfiLWn2yQcvFI-ucS5SOsdPY9eK-EFk6YelXhlsBPFpNhxSLJc_6bB4uDJgOkdmO2YqeaN1lwrjlt2WyeF9l3Ts213nk1tvFwGoYU46_LNgJwwnHRF_OddeuQU853ypCRokw99SWov1ZegRUAoWPJLkXDt_Cg2MTnl6FWLjVKpQLoggzVRstOdd8IffrHMgCjMDcHaeaN73D1Lv6alt89vf-3WOAUGa3xVGsvdeqUQp3HeTIGmXUv-32C-Jda9O-0vsXaFYNs0kmVMIHVr6inBFG2zRpvtTRYoOO5WAPSd-Wb8mktToSDCyEOM_6UYgo8bFnkwS2LgzuVgIv4-YyBOp5gasV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag236615 Show response
ads.revjet.com/ Frame 6241 245 KB
40 KB 60ms
59ms Script
text/javascript 5.9.137.180
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236615?_plc_id=111756833&_key=a27&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCy3_h-AV2Zc3qA8ydvcAP_6yA2AKy5YC9dIijr93pEffEiYmEAhABIIr5_yhglYKAgJgHoAG5rJCLKcgBCakCYi2If_cOsj6oAwHIA5sEqgTvAU_QQxzz1NXXUd69jBVD3QQ-WwPCwZD361Bh47KbU5aDvBCej8kNZtJWsCMaxKDMXMPWav2ekg6lj6-PCNiMB06-D2UVLmYsvJ4XZ6JiGw1o8w232MhRJ7CuCPb-OnHg9KxcQYdx0roZ3MHCH686hB-TPyxs97LeRQNwdxruttiiiQIap-xhjZRCGe2ySdk-Iu8-_1pYUvs3AWLzrtxHGMnPtF9a82Bt7li6eGJtozYP98XsRum_p3ttjFOM2gkAKCUfm4NSu8w8PJcGVPDLw8P3_j2YmJGm1CNYbk6r4KXtBZ3JntPKC_u7ZHdgPa6DwASw-YnPugTgBAOIBby_itZLkAYBoAZNgAe55ODqA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPX_xqTChYMDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbAToOfsFdgTDYgUBdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB%26sig%3DAOD64_3eAW7QwyNeNW01muT3Q2qU3C0RuQ%26client%3Dca-pub-3344113132106788%26dbm_c%3DAKAmf-A3OyvdVeBZ7OWi-uzb18P0dnqxuuXOmgKMWZgFTmUfwgxdlCOfAU9wXm_elkB4e5HSi7m4-OnxH5yEAnmEN2vzGKboEJOyHnrBWE6coqPTWAbk-GD93JekyWIbJsVQpTYfMHiYzhv7vgDbExJ2tGjTyG5pe408Rj5UmnjlAEzt37CcsL4%26cry%3D1%26dbm_d%3DAKAmf-B6HNobLWSMml0IptJuWXHomuzzXCWsjRKWBR3l9Ut9C_27l-XOjuS4E2VFdpQOjc8PkYpGof-CKoPfF2fAxouwGrF5fwqsyEHYZUMs9dqE9DDQlQEakK0KbDMWWZzj3SV6PegjNJgUZ4d2xxZrOpQqE6LGdqs5G1UZxrtAdYG8aUG-mck1qZHPPvY848Uzgx0THsQe8b5ao45oz8cG24nNcQJMficb1icjDpFe999vS5Zop4iwMomRt9P5cDPG_uFM4a5NQggH_7bv_3Ryf_IqgnJAIYRtSyhrunQ4QlkYbTdFPafUTkqUxgWGH0omDmsO6T_2dWpbqdgLK3Jt_TvBmWyhbBn9pT1C1fkDjm96ZvBoUUTZDgCZY4QLW_YVFrJPIi3xZZZJdff2RtIlk5vHR10j1_1BMLLs11rqMz0ozv-Y8eCz2UTGm7-wvTUKsNZ9g0y6aIGJfHBsG5AXgO9FNk0ZR7X0uzWxnGwkg9t9pkaP6cK6ViJYv-bjTqgv-HECeLTyVTOhAGLjGhWaN8Bb1UBhdjXARWPFvehCZtqZ84WpsZWzcmHqsbkd1-3BilMjQtubQUU68w0T_A3DCZ6YY2_JN81Ewp6IZ2Y_uwMZ1rCfcpyW4daDZGy7UxuAIuYWKSBnxSk9zZAarqadyI8sqznKtDdnRqevn-xeNLeKijUXqYI%26adurl%3D&dv360_cmp_id=20313186236&dv360_li_id=1013245245&dv360_crv_id=467097573&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D293675611%26client%3Dca-pub-3344113132106788%26fa%3D1%26ifi%3D9%26uci%3Da!9%26btvi%3D5&_js_site_ref=https%3A%2F%2Fm.askfollow.us%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=7910c01abbea53363a_1702233594829&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fm.askfollow.us&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1702233594832
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.9.137.180 Gelsenkirchen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.180.137.9.5.clients.your-server.de
Software: nginx /
Resource Hash: 0c9661e12c1fc8567f1cf63da08f8b303fe668a9b3565accf4ac5da424c86fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56021
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4421 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPFUZ36LBk22ded_IKp-gqWd3i2QGw3DoNqd6CkYDaD1j35beNhtwYtN07fzfZBVKP4XCkzQhVYzRNQO6PaN0Snc4Zo79ZQP1zcvU1bpWB0II5RXpehxWGv3VnwPaJKJHGn8lc8zL2OWKP3ZhYQkMsypMipLq3J4H6UAPwTDzJ&sai=AMfl-YSPZvLoZKBekoWdtqgheEgle8T3J65qHj3utavBL5CwcKFxqS6A0Wc-_KkAWDk8pNbWZrbGU6pqvpCt1PdIKI30B9lPSuaZpAO-UxRyLv-7sj5pO7pYthAGAeGeUqtAJsNjJdvwMENEuuW-8uqlhv2j_h3saDMomvs&sig=Cg0ArKJSzKgFlQHVXCG5EAE&cid=CAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=293675613&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702233593672&rpt=233&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 99A4 167 KB
49 KB 197ms
79ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:13 GMT
server: ECS (frb/67DF)
age: 161
etag: "64ecabf1-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Sun, 10 Dec 2023 18:49:55 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 99A4 43 B
170 B 193ms
58ms Image
image/gif 95.217.106.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=8c5bfa06bb9e5d4b000538412dd5d811&__adt=8240603563396755265&__ade=1&vid=5104451964230917093
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.106.24 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.106.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 10 Dec 2023 18:39:55 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame 99A4 33 KB
33 KB 40ms
39ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 76066
x-amz-request-id: 1247ZAKWB0FN99BN
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: rozPDIjjF7SWL77LCdpv/kmXHvewXfTuJb025G8GWQjAvePE9FAptyJr3OrOOkWMuIX6ZuNvFN8=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (frb/6712)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:39:54 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 99A4 56 KB
15 KB 40ms
40ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 19:13:24 GMT
server: ECS (frb/6723)
age: 62
etag: "62717ed4-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Sun, 10 Dec 2023 18:49:54 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 99A4 3 KB
2 KB 73ms
72ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 71094
x-amz-request-id: 3K4MCERFKNX5JZ30
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: JM860oPpSUvYDiRiiL0jbgtGorLv8ZnTi7fqAd/dskQ8Xe1a2kXbf6ATJemb6ZV+qqs1YRuPm04=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 11 Dec 2023 18:39:54 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 99A4 632 B
625 B 73ms
73ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 76070
x-amz-request-id: Z9SD536C131AYB20
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: Vgfotr2RabsKl2SQ7MSfHq4/yu+IktSMPXPCvNM3zs94Jr7tmOi2d4W4TqQ3zJgl7X2LoQEYiQ8=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 11 Dec 2023 18:39:54 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 99A4 7 KB
4 KB 74ms
73ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:54 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 73735
x-amz-request-id: 4H6GDV12RXVH9CS6
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: zncNJLXhkcb17k4kvZTwkfQutn/8klxnZy6qNVgX/VbbzeYPGePmhDS97USnqUeyl9DScL2P4k4=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 11 Dec 2023 18:39:54 GMT

GET
H2

200

B29257362.357505518;dc_pre=CMy9g6bChYMDFbX2EQgd7FcKrQ;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702233594870
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 99A4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17022335...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CMy9g6bChYMDFbX2EQgd7FcKrQ;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_chil...

42 B
118 B

57ms
57ms

Image
image/gif

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CMy9g6bChYMDFbX2EQgd7FcKrQ;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702233594870

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:54 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_pre=CMy9g6bChYMDFbX2EQgd7FcKrQ;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702233594870
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 99A4 470 KB
470 KB 144ms
40ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 73736
x-amz-request-id: 4H6Z77SJHPN74M78
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: XGb7mOb5+PSTWaS86dZp4mZXoCAA4WrVFzJCsp4bNim0UDfN8nyLLErQM8Tub6Jk60xgkB/rUSo=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:39:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 40FD 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ7XuWmnUp_gF6xjSNQvSnu4lzjZjn424b_cdji5KcZVXqu4dYMXuvhMYwxbg8xOMNNVJ7PPsAra4OewO3HPix0offZaLoMI9WJZSSpls4XqLTnL7BdvP2y_1btURs1MluwGR_tHDtyIFa6ukcBY-fUXzE_An91UjFSjm7dxJRL6ppK9GxtmsS9d6652V3BApcE5kZBiyWH-G63AUJcluGDViSb0Om-FTe5TlXJ7ZaludvEWzftMtlMfRshLUdThWG3qyFkR4AbQfpcnwMAx3v3IlPqBvDYDkDc4ThQxsva6r2QoG_7qbTxj0FRY-TY_oELRNCap61R1gp8BEFh9JzcJav-T-FvnWw7uqu_mNRIeXxkHi4YbU3X-Q4wqpZ62F8nfRL4rZcWehUCGm3CPsdS81JWIcMSHNfkKZyVJhcUATT5k5vRfuHA7SN4ZytwcouPgciL80EVc2OZyrh0ni3t9um9WPv3vkJsT1Hp9q65bfRxjZvsbH9NPVUj33kAH44EawfBz0Vj3bOtHM6k1BSb4h34Uc1MBCGV1oDMSldqXgaZkMdtrL7w1IOyZvo3NAaIWEIsQZYDIBfhl0Uh3pl1IaaXUNT54MCrTSiHThPoz3z56FCwbGfjLLUu8RV7Kg55CFtXK9Ii3DqIR3iRvjzNXydQcyY2tmvV0FEE1zPp74UOiGMKEseIq2E71wxW3pcx7Zgl3DG-FioT3SuM3DXXkxz1iWaOQwezdVGwZDtQ7Tln2Q98vyQgQ8diATCb2ItzmCP2BRTnALfbKSoiqlL05rySl91yp6z23ePlm7xCwsG5qgx5oENmL6i5yWLX4FktveAiK0ffljdSpfHAbo9meknB4ODHS7XoF-h3Lv-6h7Ya_06cwkg9IDCTMRUcDubrBtng1b_a2KAO9Tga08HhTYkXs5GavPyKFYaFaBF8zSHc8pMop8mnz4_Vts0m4wi9W8VanjuT02jvTcdZHo8Pe1o6EGywNWbJYXkWSvGOee2cbzRElxj8nTYy70z7D_i_TKB9O8yvvYFH7ZEdbCoj10A-pUpS6G3u8FWlT757VXjb-6FKQTc8siIxMUK8-N--JHpVutgkX5cIijdSHbVKS4h__nKiA&sai=AMfl-YS4lNCHl9PKDpPZWZIu6IjIaoNfTWbdng2mNkFvN7iVG9wDaaOPpVYa03tGvV1fyyVBpJuZ5TOA2URP0VMhmQjd0-CugK92rbRSmMsj7lKf6Mb4afw0zz_huqQUR_QEOngl8waGP_2ofqg16oXwkQUeDJU9MZ5RtJLFuos2I_9glBc0_YKt&sig=Cg0ArKJSzAGoU3IGx4MfEAE&cid=CAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=293675614&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702233593673&rpt=270&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 99A4 33 KB
33 KB 104ms
79ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 178
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Sun, 10 Dec 2023 18:49:55 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 99A4 13 KB
13 KB 64ms
40ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 2900
x-amz-request-id: WEVPD3QE3ZFHFJK8
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: trwhfCAm956Yr4n+Qef0grpd3HBqqX6KJDjc6QFzFTNNa8mMtlcx2j/AJFnl4D6Qh//0Z0kgybE=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:39:55 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 99A4 286 B
504 B 40ms
40ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 76070
x-amz-request-id: A1F7J08XA0PAV5NB
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: M2L15J9kac5HxTkzowAWMcFYr8m7j4qX5BeD7HypHz6V58dOZvuBHavKSig4p+sbBiRy+o0X6aU=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Mon, 11 Dec 2023 18:39:55 GMT

GET
H2 200 1722509885_uc
cdn.revjet.com/s3/csp/1701857412108/ Frame 99A4 70 KB
70 KB 40ms
40ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1701857412108/1722509885_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 8b4c5ac557578dc663132cb30bf768a534c4697db482f2c1b76a509983bafce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
x-amz-version-id: uLVhn4EGKxY7vNY1Rn2gGuQaDjLsZxBD
age: 27626
x-amz-request-id: RA3VSMP1BB2VQCQE
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 71393
x-amz-id-2: zKYUCRlrj/utBxfknBJZbAfb6GDI1f+T3BS6MjWGzvzv/B2Ri0Y3cN6nE2EmiaQvXUQzg9o3Lhg=
last-modified: Wed, 06 Dec 2023 10:10:13 GMT
server: ECS (frb/67E0)
etag: "47833972174589a4efe7447f29da47ee"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:39:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6241 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqonCe0RCHb_77XiYXY-tONB78RX6LsUvqaHah-MJypuW4e0jyJlJyPj9AXiSjEPFelW20AXwDhf6o97DdIYGAFD3NCzag-OlVuF1a4qZadvbI7qSrkPgBhjT1_eV2nLRX3RyJBHOn6Jg_&sai=AMfl-YQuwxb-j2DtmydXUJR6QYH2co0x08P4S7f7IObfRildGszokI7hA5Riw2cOaJDW3QYCOXaCD-YvTVCP1zBYsdX9V4VZ-inYF-PsQ2nU3PFBfrNWJs9zFeHSqQzrBbHGMP_wpbtOg-vQJ0F1bYDBMu4Bj20W5fuoMn8&sig=Cg0ArKJSzM98-bT9ouNZEAE&cid=CAQSTgDICaaN0nUfVHwJ7y1aFCcvc7OA4YkjG34mG3h1K4-D51u8ggiCQIWVX2QUw6Zf_oBPFLTU7lAjSWDNlM-erIuuh9uNIgmMfQBchbeznhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=601,1000,1000,1000,1000&tos=601,399,0,0,0&v=20231208&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=293675611&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702233593758&rpt=526&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Dec 2023 18:39:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 99A4 43 B
169 B 58ms
58ms Image
image/gif 95.217.106.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=8c5bfa06bb9e5d4b000538412dd5d811&__adt=8240603563396755265&__ade=1&vid=5104451964230917093&__clstampdif=401&__stamp=1702233595338
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.106.24 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.106.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 10 Dec 2023 18:39:55 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 89ms
88ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139cfe0bc9b78bf3fec54d9af1aa4e2daab6f63700f4742749d6bf5760854ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12389
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.askfollow.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 18:39:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABAF 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:29:03 GMT
expires: Mon, 09 Dec 2024 18:29:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F65 829 B
560 B 49ms
49ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf3980bf641b1725927f28596bbe94e1123c1393d329b50289b451d390e45def

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H0MSy1xLS5m4ytkdAQng2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.askfollow.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H0MSy1xLS5m4ytkdAQng2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 18:39:55 GMT
expires: Sun, 10 Dec 2023 18:39:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame ABAF 39 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 09:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 09:21:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F65 0
0 73ms
73ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=571963610373601&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ABAF 0
12 B 39ms
39ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pTUVfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 18:39:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 02:20:47	Name: muc Value: e47ccb2a-c60c-4dc4-859b-a69a4bd581c1
.askfollow.us/	1970-01-21 01:36:09	Name: cf_clearance Value: dN66mQO6xNnaZmILNeNbTTvxcBP_22uMNSSx4C0xbCo-1702233592-0-1-c3dcf1ab.5ac9699a.8a5d8085-0.2.1702233592
.askfollow.us/	1970-01-21 02:12:09	Name: __gads Value: ID=0bf905dd9592ed54:T=1702233591:RT=1702233591:S=ALNI_MaFhGENWJZpXf1N_y5YZAgYYMnJXw
.askfollow.us/	1970-01-21 02:12:09	Name: __gpi Value: UID=00000d114fe2195d:T=1702233591:RT=1702233591:S=ALNI_MZii08AlfOdajK_8TlTgX-WhhBMog
.doubleclick.net/	1970-01-21 02:12:09	Name: IDE Value: AHWqTUlTV9M55CWqH7GHdlEKHwItw9aUnOe0wnslE3Ixsjs9It4pB3W8jilw0dXBQYA
.doubleclick.net/	1970-01-20 16:50:37	Name: DSID Value: NO_DATA
.askfollow.us/	1970-01-21 01:36:09	Name: FCNEC Value: %5B%5B%22AKsRol_bT0YpX6CYkhS5Cl3tqslHnceDX0ya86mLWnPeqt8IJznEDU0hwJH2wP-YNoUMVP__OB7CJWb-vZFTKS2TfZ9IeeK1-pdDpUwYm30wRELRRwkMGYzDzrpusiJTa1TMnClsR2h1uO2ZRyWZChmfeU_IMulvKg%3D%3D%22%5D%5D
.googleadservices.com/	1970-01-20 19:00:09	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 01:36:09	Name: CMID Value: ZXYF.VhHLG0Tbbp47CWtYAAA
.casalemedia.com/	1970-01-20 19:00:09	Name: CMPS Value: 5274
.casalemedia.com/	1970-01-20 19:00:09	Name: CMPRO Value: 5274
.adnxs.com/	1970-01-20 19:00:09	Name: uuid2 Value: 309499920197114250
.adnxs.com/	1970-01-20 19:00:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlbvQ.?z!]tbPl1M>e)ZlrFUfJ+tGXxouKy.]Foy6Z2u[S`VLP2[72_uX^Vh!+qv]?bpRzqF1`b`T`?u4U
.doubleclick.net/	1970-01-20 21:09:45	Name: APC Value: AfxxVi63Xcg4FcMgVnxSZJk-cPme3f-ANTON4RHZeS7LRPKz0iBJJQ
.doubleclick.net/	1970-01-20 17:33:45	Name: ar_debug Value: 1
.revjet.com/	1970-01-21 02:26:33	Name: trx Value: 5104451964230917093
.revjet.com/	1970-01-20 16:51:59	Name: ads Value: 8c5bfa06bb9e5d4b000538412dd5d811

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.co/sFgpaCUXF7 Message: Unrecognized Content-Security-Policy directive 'referrer'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.revjet.com
business.instagram.com
cdn.revjet.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
l.instagram.com
m.askfollow.us
mucerentacar.com
pagead2.googlesyndication.com
pbs.twimg.com
pix.revjet.com
service.supercounters.com
t.co
tpc.googlesyndication.com
whos.amung.us
widget.supercounters.com
widgets.amung.us
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.244.42.197
142.250.185.162
142.250.186.134
142.250.186.34
172.104.29.90
172.64.151.101
185.89.211.84
192.229.233.6
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:10::6816:4aab
2a00:1450:4001:800::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a03:2880:f176:84:face:b00c:0:25de
2a03:2880:f277:c0:face:b00c:0:43fe
2a04:4e42:600::649
2a06:98c1:3120::3
2a06:98c1:3121::3
5.9.137.180
95.217.106.24
0a82d4f1449ffaab4f749bb15d61f3225457417cd7205d1077d41f1d9dc25ec3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9661e12c1fc8567f1cf63da08f8b303fe668a9b3565accf4ac5da424c86fba
0d1f7acedf0c50fdf0590f3189e114b9fdf37b65c4317899c524fe378d72dc74
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
104fcf16b63a4b117e1504b6f735fd8cdb9ee07147e3b96ac8bffee634660069
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
139cfe0bc9b78bf3fec54d9af1aa4e2daab6f63700f4742749d6bf5760854ff8
1689fd3e84037973cbc41f1f4cd761cfc069f644bb8695d553b6ed5f8eb496f3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
25e95b94a4bc4314d574b34eee7a149a3c03e9cbf99152523c597a025921541f
26f74c52038ca81efb4159529f877d8be8ab8b3c370b673b435c844a042f0043
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d885e778582f9e0e394a0143c567a8e731e301050eab20967d36ad80b9acc2f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7ae87d4a33c982b6927577988bc2a6b5df9b802701a22fb21ed5f1ed20e097
312bba8b53066879826d9a1aa2802be89534450cfc11a2cee98fb9090b02953a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
3f9bc1c2c975dd8572a1be2de18b57e04aeefb74ed1e5e15639d62af36ffe0bf
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42ca00c5a7770f4b51dba088cf0e055fd9f3d83d1c4fab9e7380cb96f580d42e
42fe9b76c7c0779922ddb8d232d6d774ac0b343a4ef7c159e75ff687a95dbaf2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4cbcded4a81cb75d9694fae189bac5a6e718b40b4e09fe14719a3d0dbe5aa1e5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53791cd5d4a8ff3b07d935cfc7a018393c14b76a7823eb788846574b8ec6da44
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ec14db5dd164b3fc8c5e486df7e833a2ca18dd22230978b80f6231a3c4e8b9
59e1bd1aac27c40d796c008f77fabd43d3023b343525eda316d7d76e64a6a92e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ccc2a5621597cd580a4f329e37238521360703b96e21eb4819ddc3dbf11e91d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62265a63b369b963515f1ee7e5f7bc1ad0e4b5290d40e93e82eeb2bc43b6e004
628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6fe0b8f812276b5f3be01b344e8215731b84d04379b23a6000c962d771dd10e5
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
7578690d2b390dbb0e87dddd314645cd1874692624a01609df80023cb3e8891b
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
792c45522c9f8bd4e4b3dd28f8531dbf65662f70b1585b857a6671b4189fce06
7a3c718474e08bf7870d4a88a1e3e23fc2da020bc099e31e2f87c848e0c584cd
856420e1f59d0096185cdaac909fa54a9f596f52255d7a5f1ac502403f61d3ab
863bee3b88be5440d87bc11ae860cdf4c8cf5038937564b63a4126176d199d00
8b4c5ac557578dc663132cb30bf768a534c4697db482f2c1b76a509983bafce4
9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a
91e92ed1d0705e7657f98ca8fdf66854dc3a96666501c8e800c22ce7516fa139
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
98f82d5a4225f1a8089a2b0ca58923cfe01aee31a333cdb7144bdf663eeb3e4a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a104b6a1dd4935e2e65b64365c66d45db5ec05ec5170133ce9ab9ffb0b000d2c
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a98a3c354c1c8a39bd6d6b333605d042b89e75952b9253c839dfec499ee58c4b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab9373091a5d964e3b667b52011e9c8c4c4891f1c3a746d214bc7d7683610df7
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adf4486ca8606be330a95ae94a4158b28ed667983745d34c3a93cfa389a37e53
b000548258d8730c574b3a06ee538165dfdff6ebf86e8ffa2461ecf491c86e50
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29ac3f36468ae9686d6dfef81beb8a0815241c8697ee80171ce89430322fdd8
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
bf0d6ef257fe1cf4267376cbe0076173ac78c6ee47ffcabddc760d35e615e0fe
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c55483fa7c2d8e362f3c6455f7abaec8113ea27c52713953feb667124cb341e1
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cf3980bf641b1725927f28596bbe94e1123c1393d329b50289b451d390e45def
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d3470dc8af1dd6fc8b6c59a0a3d3632969c68fe410cf5c9530e253a3b7327e14
d68f7694086a771004216eb24979a57640fd9140f365ec4c404a170181e30064
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9980286ce7a6ddbde5afe0542821ea2a13cba94e6d6b971cccd7781985befee
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dd50535aca644953d108b64b3908d732a9f09ef933f637088f7898db682bb819
dfea49dde820cdc1a2846fe3ee0e248e98b3cc1300cc17cae2e2cb19a4d42b86
e0f21b5ae57fc9ddbfcdfa6a811e087f24c53ae5103b59d53856c5fc0d472e20
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e38e4e29965d8a1cde1d70518a8ea6baeb1a01c59a8d6722c9ddafe7c27eb439
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4102565d25161434c0733fc9fc55378fea4e0f09edd3fcf74fb44724db5018c
eb4fb1cfd1c0bcbe87986cac48593a31cb790e5d6ac314abe6ec9da57a4bae49
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34b55b0be7a5111fb8c3d796db990e4d58380266933877f02462626e9a997de
f56b0bd9e5cd22334b47cc1d10e2cf1ae6a2fd95c16ed5534e925f6dfae331ed
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

m.askfollow.us Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

92 %HTTPS

64 %IPv6

19 Domains

32 Subdomains

27 IPs

3 Countries

3207 kBTransfer

7184 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.askfollow.us Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

92 %
HTTPS

64 %
IPv6

19
Domains

32
Subdomains

27
IPs

3
Countries

3207 kB
Transfer

7184 kB
Size

17
Cookies

197 HTTP transactions
10 data transactions